Maintenance Commands                                    lsacl(1m)

NAME
     lsacl - Display ACL (Access Control List) information.

SYNOPSIS
     lsacl [ -I instance ] [-loF] [-E | objectname ... | -]

DESCRIPTION
     The lsacl command displays acces control information associ-
     ated  with  the specified object(s)/enumeration.  The output
     of lsacl consists of two sections: the comments section  and
     the ACL entries section.

     The optional comments section may  contain  multiple  lines.
     The object name (via -l option), owner, object owning group,
     audit and alarm (via -a or -l option).  Each line of comment
     begins with a '%'.

     Each ACE appears on a separate line.  The ACE entry contains
     a  line  with  four  fields separated by a colon.  The first
     field is either 'granted'  or  'denied'.  The  second  field
     shows  inheritance.   The third field shows the access masks
     for standard and specific rights.  The  fourth  field  shows
     the  SID  (Security  ID). In case of any error, this command
     should exit with a standard error code.

OPTIONS
  -I instance
     Specifies the PCNL instance name  or  number.  In  a  multi-
     instance environment instance may be specified either on the
     command line or by the environment  variable  PCNL_INSTANCE.
     If  there  is only one instance configured, it is not neces-
     sary to specify this argument.

  -E
     This enumerates ALL ACLs in the system.  If the 'objectname'
     is '-', a list of objects is read from standard input.

  -F
     display all ACE flags

  -g
     Display primary groups.

  -l
     Display long listing.

  -M
     Display meaning of mask abbreviations.

  -o
     Display owners, e.g. %owner::
	 
EXAMPLE
     At a Solaris console, to display the long listing of an  ACL
     entry for object 'objectname', type the following:
          lsacl -l /home/foo/bar