1 Python Library Documentation: module posix1e
4 posix1e - POSIX.1e ACLs manipulation
7 /home/iusty/work/pylibacl/build/lib.linux-i686-2.2/posix1e.so
10 This module provides support for manipulating POSIX.1e ACLS
12 Depending on the operating system support for POSIX.1e,
13 the ACL type will have more or less capabilities:
14 - level 1, only basic support, you can create
15 ACLs from files and text descriptions;
16 once created, the type is immutable
17 - level 2, complete support, you can alter
18 the ACL once it is created
20 Also, in level 2, more types are available, corresponding
21 to acl_entry_t (Entry type), acl_permset_t (Permset type).
25 >>> acl1 = posix1e.ACL(file="file.txt")
31 >>> b = posix1e.ACL(text="u::rx,g::-,o::-")
37 >>> b.applyto("file.txt")
38 >>> print posix1e.ACL(file="file.txt")
51 class ACL(__builtin__.object)
52 | Type which represents a POSIX ACL
55 | Only one keword parameter should be provided:
56 | - file="...", meaning create ACL representing
57 | the access ACL of that file
58 | - filedef="...", meaning create ACL representing
59 | the default ACL of that directory
60 | - fd=<int>, meaning create ACL representing
61 | the access ACL of that file descriptor
62 | - text="...", meaning create ACL from a
64 | - acl=<ACL instance>, meaning create a copy
65 | of an existing ACL instance
66 | If no parameters are passed, create an empty ACL; this
67 | makes sense only when your OS supports ACL modification
68 | (i.e. it implements full POSIX.1e support)
70 | Methods defined here:
73 | Dumps the ACL to an external format.
76 | x.__init__(...) initializes x; see x.__class__.__doc__ for signature
79 | x.__iter__() <==> iter(x)
82 | Loads the ACL from an external format.
85 | x.__str__() <==> str(x)
88 | Append a new Entry to the ACL and return it.
90 | This is a convenience function to create a new Entry
91 | and append it to the ACL.
92 | If a parameter of type Entry instance is given, the
93 | entry will be a copy of that one (as if copied with
94 | Entry.copy()), otherwise, the new entry will be empty.
97 | Apply the ACL to a file or filehandle.
100 | - either a filename or a file-like object or an integer; this
101 | represents the filesystem object on which to act
102 | - optional flag representing the type of ACL to set, either
103 | ACL_TYPE_ACCESS (default) or ACL_TYPE_DEFAULT
106 | Compute the file group class mask.
108 | The calc_mask() method calculates and sets the permissions
109 | associated with the ACL_MASK Entry of the ACL.
110 | The value of the new permissions is the union of the permissions
111 | granted by all entries of tag type ACL_GROUP, ACL_GROUP_OBJ, or
112 | ACL_USER. If the ACL already contains an ACL_MASK entry, its
113 | permissions are overwritten; if it does not contain an ACL_MASK
114 | Entry, one is added.
116 | The order of existing entries in the ACL is undefined after this
120 | Deletes an entry from the ACL.
122 | Note: Only with level 2
124 | - the Entry object which should be deleted; note that after
125 | this function is called, that object is unusable any longer
126 | and should be deleted
129 | x.next() -> the next value, or raise StopIteration
132 | Test the ACL for validity.
134 | This method tests the ACL to see if it is a valid ACL
135 | in terms of the filesystem. More precisely, it checks:
136 | A valid ACL contains exactly one entry with each of the ACL_USER_OBJ,
137 | ACL_GROUP_OBJ, and ACL_OTHER tag types. Entries with ACL_USER and
138 | ACL_GROUP tag types may appear zero or more times in an ACL. An ACL that
139 | contains entries of ACL_USER or ACL_GROUP tag types must contain exactly
140 | one entry of the ACL_MASK tag type. If an ACL contains no entries of
141 | ACL_USER or ACL_GROUP tag types, the ACL_MASK entry is optional.
143 | All user ID qualifiers must be unique among all entries of ACL_USER tag
144 | type, and all group IDs must be unique among all entries of ACL_GROUP tag
147 | The method will return 1 for a valid ACL and 0 for an invalid one.
148 | This has been chosen because the specification for acl_valid in POSIX.1e
149 | documents only one possible value for errno in case of an invalid ACL,
150 | so we can't differentiate between classes of errors. Other suggestions
153 | ----------------------------------------------------------------------
154 | Data and non-method functions defined here:
156 | __doc__ = 'Type which represents a POSIX ACL\n\nParameters:\n ...tion\...
157 | str(object) -> string
159 | Return a nice string representation of the object.
160 | If the argument is a string, the return value is the same object.
162 | __new__ = <built-in method __new__ of type object>
163 | T.__new__(S, ...) -> a new object with type S, a subtype of T
165 | ----------------------------------------------------------------------
166 | Methods inherited from __builtin__.object:
169 | x.__delattr__('name') <==> del x.name
171 | __getattribute__(...)
172 | x.__getattribute__('name') <==> x.name
175 | x.__hash__() <==> hash(x)
181 | x.__repr__() <==> repr(x)
184 | x.__setattr__('name', value) <==> x.name = value
186 | ----------------------------------------------------------------------
187 | Data and non-method functions inherited from __builtin__.object:
189 | __class__ = <type 'type'>
192 class Entry(__builtin__.object)
193 | Type which represents an entry in an ACL.
195 | The type exists only if the OS has full support for POSIX.1e
196 | Can be created either by:
197 | e = posix1e.Entry(myACL) # this creates a new entry in the ACL
199 | for entry in myACL:
202 | Note that the Entry keeps a reference to its ACL, so even if
203 | you delete the ACL, it won't be cleaned up and will continue to
204 | exist until its Entry(ies) will be deleted.
206 | Methods defined here:
209 | x.__init__(...) initializes x; see x.__class__.__doc__ for signature
212 | x.__str__() <==> str(x)
217 | This method sets all the parameters to those of another
218 | entry, even one of another's ACL
220 | - src, instance of type Entry
222 | ----------------------------------------------------------------------
223 | Data and non-method functions defined here:
225 | __doc__ = 'Type which represents an entry in an ACL.\n\nThe t... to \n...
226 | str(object) -> string
228 | Return a nice string representation of the object.
229 | If the argument is a string, the return value is the same object.
231 | __new__ = <built-in method __new__ of type object>
232 | T.__new__(S, ...) -> a new object with type S, a subtype of T
234 | parent = <attribute 'parent' of 'posix1e.Entry' objects>
235 | The parent ACL of this entry
238 | permset = <attribute 'permset' of 'posix1e.Entry' objects>
239 | The permission set of this ACL entry
242 | qualifier = <attribute 'qualifier' of 'posix1e.Entry' objects>
243 | The qualifier of the current entry
245 | If the tag type is ACL_USER, this should be a user id.
246 | If the tag type if ACL_GROUP, this should be a group id.
247 | Else, it doesn't matter.
250 | tag_type = <attribute 'tag_type' of 'posix1e.Entry' objects>
251 | The tag type of the current entry
254 | - ACL_UNDEFINED_TAG
263 | ----------------------------------------------------------------------
264 | Methods inherited from __builtin__.object:
267 | x.__delattr__('name') <==> del x.name
269 | __getattribute__(...)
270 | x.__getattribute__('name') <==> x.name
273 | x.__hash__() <==> hash(x)
279 | x.__repr__() <==> repr(x)
282 | x.__setattr__('name', value) <==> x.name = value
284 | ----------------------------------------------------------------------
285 | Data and non-method functions inherited from __builtin__.object:
287 | __class__ = <type 'type'>
290 class Permset(__builtin__.object)
291 | Type which represents the permission set in an ACL entry
293 | The type exists only if the OS has full support for POSIX.1e
294 | Can be created either by:
295 | perms = myEntry.permset
297 | perms = posix1e.Permset(myEntry)
299 | Note that the Permset keeps a reference to its Entry, so even if
300 | you delete the entry, it won't be cleaned up and will continue to
301 | exist until its Permset will be deleted.
303 | Methods defined here:
306 | x.__init__(...) initializes x; see x.__class__.__doc__ for signature
309 | x.__str__() <==> str(x)
312 | Add a permission to the permission set.
314 | The add() function adds the permission contained in
315 | the argument perm to the permission set. An attempt
316 | to add a permission that is already contained in the
317 | permission set is not considered an error.
319 | - perm a permission (ACL_WRITE, ACL_READ, ACL_EXECUTE, ...
325 | Clear all permissions from the permission set.
328 | Delete a permission from the permission set.
330 | The delete() function deletes the permission contained in
331 | the argument perm from the permission set. An attempt
332 | to delete a permission that is not contained in the
333 | permission set is not considered an error.
335 | - perm a permission (ACL_WRITE, ACL_READ, ACL_EXECUTE, ...
341 | Test if a permission exists in the permission set.
343 | The test() function tests if the permission contained in
344 | the argument perm exits the permission set.
346 | - perm a permission (ACL_WRITE, ACL_READ, ACL_EXECUTE, ...
351 | ----------------------------------------------------------------------
352 | Data and non-method functions defined here:
354 | __doc__ = 'Type which represents the permission set in an A...nue to \...
355 | str(object) -> string
357 | Return a nice string representation of the object.
358 | If the argument is a string, the return value is the same object.
360 | __new__ = <built-in method __new__ of type object>
361 | T.__new__(S, ...) -> a new object with type S, a subtype of T
363 | execute = <attribute 'execute' of 'posix1e.Permset' objects>
364 | Execute permsission
366 | This is a convenience method of access; the
367 | same effect can be achieved using the functions
368 | add(), test(), delete(), and those can take any
369 | permission defined by your platform.
372 | read = <attribute 'read' of 'posix1e.Permset' objects>
375 | This is a convenience method of access; the
376 | same effect can be achieved using the functions
377 | add(), test(), delete(), and those can take any
378 | permission defined by your platform.
381 | write = <attribute 'write' of 'posix1e.Permset' objects>
384 | This is a convenience method of access; the
385 | same effect can be achieved using the functions
386 | add(), test(), delete(), and those can take any
387 | permission defined by your platform.
390 | ----------------------------------------------------------------------
391 | Methods inherited from __builtin__.object:
394 | x.__delattr__('name') <==> del x.name
396 | __getattribute__(...)
397 | x.__getattribute__('name') <==> x.name
400 | x.__hash__() <==> hash(x)
406 | x.__repr__() <==> repr(x)
409 | x.__setattr__('name', value) <==> x.name = value
411 | ----------------------------------------------------------------------
412 | Data and non-method functions inherited from __builtin__.object:
414 | __class__ = <type 'type'>
419 Delete the default ACL from a directory.
421 This function deletes the default ACL associated with
422 a directory (the ACL which will be ANDed with the mode
423 parameter to the open, creat functions).
425 - a string representing the directory whose default ACL
435 ACL_TYPE_ACCESS = 32768
436 ACL_TYPE_DEFAULT = 16384
437 ACL_UNDEFINED_TAG = 0
441 __file__ = '/home/iusty/work/pylibacl/build/lib.linux-i686-2.2/posix1e...