0

Suppose I'm creating a file or directory with some name and mode argument using a system call and that operations fails with EEXIST.

Assuming I know my current umask, euid, and egid, how can I tell if that existing file/directory has permissions equivalent to what the system call would have created had the operation succeeded.

AFAIK, for classical permissions, the answer would be true iff .st_gid == egid && .st_uid == euid && (.st_mode & 07777) == (RequestedMode & 07777 & ~CurrentUmask) and the found/expected filetypes match.

How could this be extended to a system with access control lists?

Improve this question
1
  • 1
    Don't forget the setgid bit on the containing directory. And then there's stuff like SELinux... Commented Feb 22, 2022 at 19:02

1 Answer 1

Reset to default
2

To extend this to ACLs, you’d call acl_get_file with the path in which you’re creating the file, and ACL_TYPE_DEFAULT to request the default ACL on the directory. If there is one, that’s the ACL that would be applied by default to the file you tried to create.

You’d then use acl_get_file on the existing file, with ACL_TYPE_ACCESS, to retrieve the actual ACL on the file.

I don’t think there’s an ACL function for comparing ACLs, so that’s left as an exercise for the reader.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.