summaryrefslogtreecommitdiffstats
path: root/lib/libc/sys/access.2
diff options
context:
space:
mode:
Diffstat (limited to 'lib/libc/sys/access.2')
-rw-r--r--lib/libc/sys/access.2235
1 files changed, 235 insertions, 0 deletions
diff --git a/lib/libc/sys/access.2 b/lib/libc/sys/access.2
new file mode 100644
index 0000000..65b8fb6
--- /dev/null
+++ b/lib/libc/sys/access.2
@@ -0,0 +1,235 @@
+.\" Copyright (c) 1980, 1991, 1993
+.\" The Regents of the University of California. All rights reserved.
+.\"
+.\" Redistribution and use in source and binary forms, with or without
+.\" modification, are permitted provided that the following conditions
+.\" are met:
+.\" 1. Redistributions of source code must retain the above copyright
+.\" notice, this list of conditions and the following disclaimer.
+.\" 2. Redistributions in binary form must reproduce the above copyright
+.\" notice, this list of conditions and the following disclaimer in the
+.\" documentation and/or other materials provided with the distribution.
+.\" 4. Neither the name of the University nor the names of its contributors
+.\" may be used to endorse or promote products derived from this software
+.\" without specific prior written permission.
+.\"
+.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+.\" SUCH DAMAGE.
+.\"
+.\" @(#)access.2 8.2 (Berkeley) 4/1/94
+.\" $FreeBSD$
+.\"
+.Dd April 10, 2008
+.Dt ACCESS 2
+.Os
+.Sh NAME
+.Nm access ,
+.Nm eaccess ,
+.Nm faccessat
+.Nd check accessibility of a file
+.Sh LIBRARY
+.Lb libc
+.Sh SYNOPSIS
+.In unistd.h
+.Ft int
+.Fn access "const char *path" "int mode"
+.Ft int
+.Fn eaccess "const char *path" "int mode"
+.Ft int
+.Fn faccessat "int fd" "const char *path" "int mode" "int flag"
+.Sh DESCRIPTION
+The
+.Fn access
+and
+.Fn eaccess
+system calls check the accessibility of the
+file named by
+the
+.Fa path
+argument
+for the access permissions indicated by
+the
+.Fa mode
+argument.
+The value of
+.Fa mode
+is either the bitwise-inclusive OR of the access permissions to be
+checked
+.Dv ( R_OK
+for read permission,
+.Dv W_OK
+for write permission, and
+.Dv X_OK
+for execute/search permission),
+or the existence test
+.Pq Dv F_OK .
+.Pp
+For additional information, see the
+.Sx "File Access Permission"
+section of
+.Xr intro 2 .
+.Pp
+The
+.Fn eaccess
+system call uses
+the effective user ID and the group access list
+to authorize the request;
+the
+.Fn access
+system call uses
+the real user ID in place of the effective user ID,
+the real group ID in place of the effective group ID,
+and the rest of the group access list.
+.Pp
+The
+.Fn faccessat
+system call is equivalent to
+.Fn access
+except in the case where
+.Fa path
+specifies a relative path.
+In this case the file whose accessibility is to be determined is
+located relative to the directory associated with the file descriptor
+.Fa fd
+instead of the current working directory.
+If
+.Fn faccessat
+is passed the special value
+.Dv AT_FDCWD
+in the
+.Fa fd
+parameter, the current working directory is used and the behavior is
+identical to a call to
+.Fn access .
+Values for
+.Fa flag
+are constructed by a bitwise-inclusive OR of flags from the following
+list, defined in
+.In fcntl.h :
+.Bl -tag -width indent
+.It Dv AT_EACCESS
+The checks for accessibility are performed using the effective user and group
+IDs instead of the real user and group ID as required in a call to
+.Fn access .
+.El
+.Pp
+Even if a process's real or effective user has appropriate privileges
+and indicates success for
+.Dv X_OK ,
+the file may not actually have execute permission bits set.
+Likewise for
+.Dv R_OK
+and
+.Dv W_OK .
+.Sh RETURN VALUES
+.Rv -std
+.Sh ERRORS
+Access to the file is denied if:
+.Bl -tag -width Er
+.It Bq Er ENOTDIR
+A component of the path prefix is not a directory.
+.It Bq Er ENAMETOOLONG
+A component of a pathname exceeded 255 characters,
+or an entire path name exceeded 1023 characters.
+.It Bq Er ENOENT
+The named file does not exist.
+.It Bq Er ELOOP
+Too many symbolic links were encountered in translating the pathname.
+.It Bq Er EROFS
+Write access is requested for a file on a read-only file system.
+.It Bq Er ETXTBSY
+Write access is requested for a pure procedure (shared text)
+file presently being executed.
+.It Bq Er EACCES
+Permission bits of the file mode do not permit the requested
+access, or search permission is denied on a component of the
+path prefix.
+.It Bq Er EFAULT
+The
+.Fa path
+argument
+points outside the process's allocated address space.
+.It Bq Er EIO
+An I/O error occurred while reading from or writing to the file system.
+.El
+.Pp
+Also, the
+.Fn faccessat
+system call may fail if:
+.Bl -tag -width Er
+.It Bq Er EBADF
+The
+.Fa path
+argument does not specify an absolute path and the
+.Fa fd
+argument is
+neither
+.Dv AT_FDCWD
+nor a valid file descriptor.
+.It Bq Er EINVAL
+The value of the
+.Fa flag
+argument is not valid.
+.It Bq Er ENOTDIR
+The
+.Fa path
+argument is not an absolute path and
+.Fa fd
+is neither
+.Dv AT_FDCWD
+nor a file descriptor associated with a directory.
+.El
+.Sh SEE ALSO
+.Xr chmod 2 ,
+.Xr intro 2 ,
+.Xr stat 2
+.Sh STANDARDS
+The
+.Fn access
+system call is expected to conform to
+.St -p1003.1-90 .
+The
+.Fn faccessat
+system call follows The Open Group Extended API Set 2 specification.
+.Sh HISTORY
+The
+.Fn access
+function appeared in
+.At v7 .
+The
+.Fn faccessat
+system call appeared in
+.Fx 8.0 .
+.Sh SECURITY CONSIDERATIONS
+The
+.Fn access
+system call
+is a potential security hole due to race conditions and
+should never be used.
+Set-user-ID and set-group-ID applications should restore the
+effective user or group ID,
+and perform actions directly rather than use
+.Fn access
+to simulate access checks for the real user or group ID.
+The
+.Fn eaccess
+system call
+likewise may be subject to races if used inappropriately.
+.Pp
+.Fn access
+remains useful for providing clues to users as to whether operations
+make sense for particular filesystem objects (e.g. 'delete' menu
+item only highlighted in a writable folder ... avoiding interpretation
+of the st_mode bits that the application might not understand --
+e.g. in the case of AFS).
+It also allows a cheaper file existence test than
+.Xr stat 2 .
OpenPOWER on IntegriCloud