access.2 (2010 09)
a
access(2) access(2)
NAME
access() - determine accessibility of a file
SYNOPSIS
#include <unistd.h>
int access(char *path, int amode);
DESCRIPTION
The access() system call checks the file pointed to by path for accessibility according to the bit pattern
contained in amode .
access() uses the real user ID, not the effective user ID, and the real group ID,
not the effective group ID.
The value of amode is either the bit-wise inclusive OR of the access permissions to be checked, or the
existence test. You can use the following symbolic constants, defined in
<unistd.h>, to test for permis-
sions:
R_OK Read access
W_OK Write access
X_OK Execute (search) access
F_OK Check existence of file
The owner of a file has permission checked with respect to the "user" read, write, and execute mode bits.
Members of the file’s group other than the owner have permissions checked with respect to the "group"
mode bits. All others have permissions checked with respect to the "other" mode bits.
If a file is currently open for execution,
access() reports that it is not writable, regardless of the setting
of its mode.
Access Control Lists - HFS File Systems Only
Read, write, and execute/search permissions are checked against the file’s access control list (ACL). Each
mode is checked separately since different ACL entries can grant different permissions. The real user ID
is combined with the process’s real group ID and each group in its supplementary groups list, and the
access control list is searched for a match. Search proceeds in order of specificity and ends when one or
more matching entries are found at a specific level. More than one user
.group or
%.group entry can
match a user if that user has a nonnull supplementary groups list. If any matching entry has the
appropriate permission bit set, access is permitted.
Access Control Lists - JFS File Systems Only
Read, write, and execute/search permissions are checked against the file’s access control list (ACL). The
real user ID is combined with the process’s real group ID and each group in its supplementary groups list,
and the access control list is searched for a match. Search proceeds in order of ACL entries and ends
when the first entry matching the user ID or any of the group IDs is encountered.
If a shared text file is currently open for execution,
access() reports that it is not writable, regardless
of its access control list. However, access() does not report that a shared text file open for writing is
not executable, since the check is not easily done.
It also reports that a file on a read-only file system is not writable.
Security Restrictions
If the path is valid and the real user ID is superuser or a user with DACREAD and DACWRITE privileges,
access() always returns 0, except when amode includes X_OK, the path is not a directory, and none of
the execute bits are set in the file’s mode.
See privileges (5) for more information about privileged access on systems that support fine-grained
privileges.
RETURN VALUE
access() returns the following values:
0 Successful completion. The requested access is permitted.
-1 Failure. errno is set to indicate the error.
ERRORS
If
access() fails, errno is set to one of the following values.
HP-UX 11i Version 3: September 2010 − 1 − Hewlett-Packard Company 1