* Info Catalog Prev elisp: File Attributes Up elisp: Information about Files Next elisp: Locating Files

elisp: Extended Attributes

 
 24.6.5 Extended File Attributes
 -------------------------------
 
 On some operating systems, each file can be associated with arbitrary
 “extended file attributes”.  At present, Emacs supports querying and
 setting two specific sets of extended file attributes: Access Control
 Lists (ACLs) and SELinux contexts.  These extended file attributes are
 used, on some systems, to impose more sophisticated file access controls
 than the basic Unix-style permissions discussed in the previous
 sections.
 
    A detailed explanation of ACLs and SELinux is beyond the scope of
 this manual.  For our purposes, each file can be associated with an
 “ACL”, which specifies its properties under an ACL-based file control
 system, and/or an “SELinux context”, which specifies its properties
 under the SELinux system.
 
  -- Function: file-acl filename
      This function returns the ACL for the file FILENAME.  The exact
      Lisp representation of the ACL is unspecified (and may change in
      future Emacs versions), but it is the same as what ‘set-file-acl’
      takes for its ACL argument (SeeChanging Files).
 
      The underlying ACL implementation is platform-specific; on
      GNU/Linux and BSD, Emacs uses the POSIX ACL interface, while on
      MS-Windows Emacs emulates the POSIX ACL interface with native file
      security APIs.
 
      If Emacs was not compiled with ACL support, or the file does not
      exist or is inaccessible, or Emacs was unable to determine the ACL
      entries for any other reason, then the return value is ‘nil’.
 
  -- Function: file-selinux-context filename
      This function returns the SELinux context of the file FILENAME, as
      a list of the form ‘(USER ROLE TYPE RANGE)’.  The list elements are
      the context’s user, role, type, and range respectively, as Lisp
      strings; see the SELinux documentation for details about what these
      actually mean.  The return value has the same form as what
      ‘set-file-selinux-context’ takes for its CONTEXT argument (See
      Changing Files).
 
      If Emacs was not compiled with SELinux support, or the file does
      not exist or is inaccessible, or if the system does not support
      SELinux, then the return value is ‘(nil nil nil nil)’.
 
  -- Function: file-extended-attributes filename
      This function returns an alist of the Emacs-recognized extended
      attributes of file FILENAME.  Currently, it serves as a convenient
      way to retrieve both the ACL and SELinux context; you can then call
      the function ‘set-file-extended-attributes’, with the returned
      alist as its second argument, to apply the same file access
      attributes to another file (SeeChanging Files).
 
      One of the elements is ‘(acl . ACL)’, where ACL has the same form
      returned by ‘file-acl’.
 
      Another element is ‘(selinux-context . CONTEXT)’, where CONTEXT is
      the SELinux context, in the same form returned by
      ‘file-selinux-context’.
* Info Catalog Prev elisp: File Attributes Up elisp: Information about Files Next elisp: Locating Files