Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

This file contains a description of the format used in the template file created by the
INPROT tool.


The permissions template file contains a set of entries in an SR10 format that are used
to change the permissions for various objects.  The types of entries allowed in
the file are shown below.
                                       | -setuid off
    F <node_relative_path_name>
    P <name> <required_rights> [ -setuid  | -setuid off ]
    G <name> <required_rights> [ -setuid  | -setuid off ]
    O <name> <required_rights> [ -setuid  | -setuid off ]
    W <name> <required_rights>
    E <SID>  <extended_rights>
    E ...
       .
       .
       .

    D <node_relative_path_name> [ -files | -dirs ]
    P <name> <required_rights> [ -setuid  | -setuid off ]
    G <name> <required_rights> [ -setuid  | -setuid off ]
    O <name> <required_rights> [ -setuid  | -setuid off ]
    W <name> <required_rights>
    E <SID>  <extended_rights>
    E ...
       .
       .
       .

DESCRIPTION

 where:

         a) The first letters are in column one of the lines.  Any other characters
            are ignored by the system, and are treated as comments.  Characters from the
            first letter until the next whitespace character are ignored.  This field is
            case insensitive.

            These letters have the following meaning:

             F - a file description
             P - a person description
             G - a group (or project) description
             O - an organization description
             W - a world description (last required ACL entry)
             E - an extended permissions description
             D - a directory description

         b) The path names supplied are relative to the target path.  This
            field is case sensitive.

         c) The name field is a single component of a SID, meaning a name like
            'adams' or 'root'.  WARNING -- In certain situations, use of the %
            wildcard (see 'd' below) may produce errors of the form :

                      ERROR: Setting required ACL for OBJECT due to:
                      Entry not found (RGYC/Client)

            In such a case, the name field must be replaced with a valid name found
            in the registry. This field is case sensitive

         d) The SID fields are of the form %.%.% (meaning that all three components should
            be present).  The '%' characters is a wildcard.  This field is case sensitive.

         e) The rights fields are as follows:

            <required_rights> may be any valid set of 'pwrxkjiu'
                              although 'j' is incompatible with any subset of 'pwrxi'

            <extended_rights> may be any valid set of 'pwrx'

            The rights fields are case insensitive.

         f) For the 'required' permission entries (P, G, O, W), only those that the
            user wishes to change need be supplied.  There is no ordering requirement
            for the P, G, O, W and E entries for a path name.

APPLICATION RULES

        1) Required entries:

                If the existing rights for the SID allow a change, then the
                install tool will change the rights field to be what is contained
                in the <required_rights> field, as well as setting the person
                group or component part of the SID.

        2) Extended entries:

                If the <SID> name matches an existing extended <SID> entry, and
                if the existing rights allow for a change, then the rights are
                set to the <extended_rights>.  If the <SID> is not found then,
                then this extended entry is added to the END of the extended SID list.

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026