getgrpaclattr, nextgrpacl, or putgrpaclattr Subroutine

Purpose

Accesses the group screen information in the SMIT ACL database.

Library

Security Library (libc.a)

Syntax

#include <usersec.h>
int getgrpaclattr (Group, Attribute, Value, Type)
char *User;
char *Attribute;
void *Value;
int Type;
char *nextgrpacl(void)
int putgrpaclattr (Group, Attribute, Value, Type)
char *User;
char *Attribute;
void *Value;
int Type;

Description

The getgrpaclattr subroutine reads a specified group attribute from the SMIT ACL database. If the database is not already open, this subroutine does an implicit open for reading.

Similarly, the putgrpaclattr subroutine writes a specified attribute into the user SMIT ACL database. If the database is not already open, this subroutine does an implicit open for reading and writing. Data changed by the putgrpaclattr subroutine must be explicitly committed by calling the putgrpaclattr subroutine with a Type parameter specifying SEC_COMMIT. Until all the data is committed, only the getgrpaclattr subroutine within the process returns written data.

The nextgrpacl subroutine returns the next group in a linear search of the group SMIT ACL database. The consistency of consecutive searches depends upon the underlying storage-access mechanism and is not guaranteed by this subroutine.

The setacldb and endacldb subroutines should be used to open and close the database.

Parameters

Item Description
Attribute Specifies which attribute is read. The following possible attributes are defined in the usersec.h file:
S_SCREENS
String of SMIT screens. The attribute type is SEC_LIST.
Type Specifies the type of attribute expected. Valid types are defined in the usersec.h file and include:
SEC_LIST
The format of the attribute is a series of concatenated strings, each null-terminated. The last string in the series must be an empty (zero character count) string.

For the getgrpaclattr subroutine, the user should supply a pointer to a defined character pointer variable. For the putgrpaclattr subroutine, the user should supply a character pointer.

SEC_COMMIT
For the putgrpaclattr subroutine, this value specified by itself indicates that changes to the named group are to be committed to permanent storage. The Attribute and Value parameters are ignored. If no group is specified, the changes to all modified groups are committed to permanent storage.
SEC_DELETE
The corresponding attribute is deleted from the group SMIT ACL database.
SEC_NEW
Updates the group SMIT ACL database file with the new group name when using the putgrpaclattr subroutine.
Value Specifies a buffer, a pointer to a buffer, or a pointer to a pointer depending on the Attribute and Type parameters. See the Type parameter for more details.

Return Values

If successful, the getgrpaclattr returns 0. Otherwise, a value of -1 is returned and the errno global variable is set to indicate the error.

Error Codes

Possible return codes are:

Item Description
EACCES Access permission is denied for the data request.
ENOENT The specified Group parameter does not exist or the attribute is not defined for this group.
ENOATTR The specified user attribute does not exist for this group.
EINVAL The Attribute parameter does not contain one of the defined attributes or null.
EINVAL The Value parameter does not point to a valid buffer or to valid data for this type of attribute.
EPERM Operation is not permitted.