acl_valid - Checks an ACL for validity
Security Library (libpacl.a)
Specifies the working storage internal representation of an ACL. Pointer to the location that holds a returned ACL entry.
NOTE: This function is based on Draft 13 of the POSIX P1003.6 standard. The function may change as the P1003.6 standard is finalized.
The acl_valid() function checks the ACL for validity. An ACL is invalid if one or more of the following conditions are violated: The three required entries (ACL_USER_OBJ, ACL_GROUP_OBJ, and ACL_OTHER_OBJ) must appear exactly once in an ACL of ACCESS type, and in a nonempty ACL of DEFAULT type. The ACL must not contain a duplicate entry. An entry is duplicated if another entry in the same ACL has the same entry tag type and the same tag qualifier (sameness or difference in permissions is not relevant).
Upon successful completion, the acl_valid() function returns a value of 0 (zero). Otherwise, a value of -1 is returned, and the errno global variable is set to indicate the error.
For the following condition, the acl_valid() function sets the location specified by the entry_p parameter with the value of the ACL entry for which one or more duplicates exist elsewhere in the ACL. The ACL contains entries that are not unique.
For the following conditions, the acl_valid() function sets the location indicated by the entry_p parameter to the NULL value. The acl_d parameter does not refer to a valid ACL.
One or more of the required entries is not present.
Too many entries (greater than MAX_IR_ENTRIES)
acl_create_entry(3), acl_init(3), acl_get_fd(3), acl_get_file(3), acl_set_fd(3), acl_set_file(3), acl(4)
Security delim off