| 
 getaccess(1)                                                   getaccess(1)
 NAME    [Toc]    [Back]
      getaccess - list access rights to file(s)
 SYNOPSIS    [Toc]    [Back]
      getaccess [-u user] [-g user] group[,group]...] [-n] file ...
      getaccess -r [-n] file ...
 DESCRIPTION    [Toc]    [Back]
      getaccess lists for the specified files the effective access rights of
      the caller (that is, for their effective user ID, effective group ID,
      and supplementary groups list).  By default, the command prints a
      symbolic representation of the user's access rights to the named file:
      r or - for read/no read, w or - for write/no write, and x or - for
      execute/no execute (for directories, search/no search), followed by
      the file name.
    Options    [Toc]    [Back]
      getaccess recognizes the following options and command-line arguments:
           -u user        List access for the given user instead of the
                          caller.  A user can be a known user name, a valid
                          ID number, or @, representing the file's owner ID.
                          If information about more than one file is
                          requested, the value of @ can differ for each.
                          This option sets the user ID only.  The access
                          check is made with the caller's effective group ID
                          and supplementary group IDs unless -g is also
                          specified.
           -g group[,group]...]
                          List access for the given group(s) instead of the
                          caller's effective group ID and supplementary
                          groups list.  A group can be a known group name, a
                          valid ID number, or @, representing the file's
                          group ID.  If information about more than one file
                          is requested, the value of @ can differ for each.
           -r             List access using the caller's real user ID, group
                          ID, and supplementary groups list, instead of
                          effective ID values.
           -n             List access rights numerically (octal digits 0..7
                          instead of rwx) for each file requested.  The bit
                          values R_OK, W_OK, and X_OK are defined in the
                          file <unistd.h>.
      Checking access using access control lists is described in acl(5) and
      aclv(5).
 Hewlett-Packard Company            - 1 -   HP-UX 11i Version 2: August 2003
 getaccess(1)                                                   getaccess(1)
      In addition, the write bit is cleared for files on read-only file
      systems or shared-text programs being executed.  The execute bit is
      not turned off for shared-text programs open for writing because it is
      not possible to ascertain whether a file open for writing is a
      shared-text program.
      Processes with appropriate privileges have read and write access to
      all files.  However, write access is denied for files on read-only
      file systems or shared-text programs being executed.  Execute access
      is allowed if and only if the file is not a regular file or the
      execute bit is set in any of the file's ACL entries.
      To use getaccess successfully, the caller must have search access in
      every directory component of the path name of the file.  getaccess
      verifies search access first by using the caller's effective IDs,
      regardless of the user and group IDs specified.  This is distinct from
      the case in which the caller can search the path but the user for whom
      access is being checked does not have access to the file.
      Note: a file name argument of - has no special meaning (such as
      standard input) to getaccess.
 EXTERNAL INFLUENCES    [Toc]    [Back]
    Environment Variables
      LANG determines the language in which messages are displayed.
      If LANG is not specified or is set to the empty string, a default of
      "C" (see lang(5)) is used instead of LANG.  If any
      internationalization variable contains an invalid setting, getaccess
      behaves as if all internationalization variables are set to "C".  See
      environ(5).
 RETURN VALUE    [Toc]    [Back]
      getaccess returns one of the following values:
           0    Successful completion.
           1    getaccess was invoked incorrectly or encountered an unknown
                user or group name.  An appropriate message is printed to
                standard error.
           2    A file is nonexistent or unreachable (by the caller).
                getaccess prints an appropriate message to standard error,
                continues, then returns a value of 2 upon completion.
 EXAMPLES    [Toc]    [Back]
      The following command prints the caller's access rights to file1 using
      the file's group ID instead of the caller's effective group ID and
      groups list.
 Hewlett-Packard Company            - 2 -   HP-UX 11i Version 2: August 2003
 getaccess(1)                                                   getaccess(1)
           getaccess -g@ file1
      Here's how to check access by user ggd in groups red and 19 to all
      files in the current directory, with access rights expressed as octal
      values.
           getaccess -u ggd -g red,19 -n .* *
      Here's how to list access rights for all files under mydir.
           find mydir -print | sort | xargs getaccess
 AUTHOR    [Toc]    [Back]
      getaccess was developed by HP.
 FILES    [Toc]    [Back]
      /etc/passwd
      /etc/group
 SEE ALSO    [Toc]    [Back]
      chacl(1), getacl(1), lsacl(1), setacl(1), getaccess(2), glossary(9).
 Hewlett-Packard Company            - 3 -   HP-UX 11i Version 2: August 2003[ Back ] |