Help on module posix1e:

NAME
    posix1e - POSIX.1e ACLs manipulation

FILE
    /home/iusty/work/pylibacl/build/lib.linux-x86_64-2.4/posix1e.so

DESCRIPTION
    This module provides support for manipulating POSIX.1e ACLS
    
    Depending on the operating system support for POSIX.1e, 
    the ACL type will have more or less capabilities:
      - level 1, only basic support, you can create
        ACLs from files and text descriptions;
        once created, the type is immutable
      - level 2, complete support, you can alter
        the ACL once it is created
    
    Also, in level 2, more types are available, corresponding
    to acl_entry_t (Entry type), acl_permset_t (Permset type).
    
    Example:
    >>> import posix1e
    >>> acl1 = posix1e.ACL(file="file.txt") 
    >>> print acl1
    user::rw-
    group::rw-
    other::r--
    
    >>> b = posix1e.ACL(text="u::rx,g::-,o::-")
    >>> print b
    user::r-x
    group::---
    other::---
    
    >>> b.applyto("file.txt")
    >>> print posix1e.ACL(file="file.txt")
    user::r-x
    group::---
    other::---
    
    >>>

CLASSES
    __builtin__.object
        ACL
        Entry
        Permset
    
    class ACL(__builtin__.object)
     |  Type which represents a POSIX ACL
     |  
     |  Parameters:
     |    Only one keword parameter should be provided:
     |    - file="...", meaning create ACL representing
     |      the access ACL of that file
     |    - filedef="...", meaning create ACL representing
     |      the default ACL of that directory
     |    - fd=<int>, meaning create ACL representing
     |      the access ACL of that file descriptor
     |    - text="...", meaning create ACL from a 
     |      textual description
     |    - acl=<ACL instance>, meaning create a copy
     |      of an existing ACL instance
     |    - mode=<int>, meaning create an ACL from a numeric mode
     |      (e.g. mode=0644) (this is valid only when the C library
     |      provides the acl_from_mode call)
     |  If no parameters are passed, create an empty ACL; this
     |  makes sense only when your OS supports ACL modification
     |   (i.e. it implements full POSIX.1e support)
     |  
     |  Methods defined here:
     |  
     |  __cmp__(...)
     |      x.__cmp__(y) <==> cmp(x,y)
     |  
     |  __eq__(...)
     |      x.__eq__(y) <==> x==y
     |  
     |  __ge__(...)
     |      x.__ge__(y) <==> x>=y
     |  
     |  __getstate__(...)
     |      Dumps the ACL to an external format.
     |  
     |  __gt__(...)
     |      x.__gt__(y) <==> x>y
     |  
     |  __init__(...)
     |      x.__init__(...) initializes x; see x.__class__.__doc__ for signature
     |  
     |  __iter__(...)
     |      x.__iter__() <==> iter(x)
     |  
     |  __le__(...)
     |      x.__le__(y) <==> x<=y
     |  
     |  __lt__(...)
     |      x.__lt__(y) <==> x<y
     |  
     |  __ne__(...)
     |      x.__ne__(y) <==> x!=y
     |  
     |  __setstate__(...)
     |      Loads the ACL from an external format.
     |  
     |  __str__(...)
     |      x.__str__() <==> str(x)
     |  
     |  append(...)
     |      Append a new Entry to the ACL and return it.
     |      
     |      This is a convenience function to create a new Entry 
     |      and append it to the ACL.
     |      If a parameter of type Entry instance is given, the 
     |      entry will be a copy of that one (as if copied with 
     |      Entry.copy()), otherwise, the new entry will be empty.
     |  
     |  applyto(...)
     |      Apply the ACL to a file or filehandle.
     |      
     |      Parameters:
     |        - either a filename or a file-like object or an integer; this
     |          represents the filesystem object on which to act
     |        - optional flag representing the type of ACL to set, either
     |          ACL_TYPE_ACCESS (default) or ACL_TYPE_DEFAULT
     |  
     |  calc_mask(...)
     |      Compute the file group class mask.
     |      
     |      The calc_mask() method calculates and sets the permissions 
     |      associated with the ACL_MASK Entry of the ACL.
     |      The value of the new permissions is the union of the permissions 
     |      granted by all entries of tag type ACL_GROUP, ACL_GROUP_OBJ, or 
     |      ACL_USER.  If the ACL already contains an ACL_MASK entry, its 
     |      permissions are overwritten; if it does not contain an ACL_MASK 
     |      Entry, one is added.
     |      
     |      The order of existing entries in the ACL is undefined after this 
     |      function.
     |  
     |  check(...)
     |      Check the ACL validity.
     |      
     |      This is a non-portable, Linux specific extension that allow more
     |      information to be retrieved in case an ACL is not valid than the
     |      validate() method.
     |      
     |      This method will return either False (the ACL is valid), or a tuple
     |      with two elements. The first element is one of the following
     |      constants:
     |        - ACL_MULTI_ERROR: The ACL contains multiple entries that have a
     |                           tag type that may occur at most once
     |        - ACL_DUPLICATE_ERROR: The ACL contains multiple ACL_USER or 
     |                               ACL_GROUP entries  with the same ID
     |        - ACL_MISS_ERROR: A required entry is missing
     |        - ACL_ENTRY_ERROR: The ACL contains an invalid entry tag type
     |      
     |      The second element of the tuple is the index of the entry that is
     |      invalid (in the same order as by iterating over the ACL entry)
     |  
     |  delete_entry(...)
     |      Deletes an entry from the ACL.
     |      
     |      Note: Only with level 2
     |      Parameters:
     |       - the Entry object which should be deleted; note that after
     |         this function is called, that object is unusable any longer
     |         and should be deleted
     |  
     |  next(...)
     |      x.next() -> the next value, or raise StopIteration
     |  
     |  to_any_text(...)
     |      Convert the ACL to a custom text format.
     |      
     |      This method encapsulates the acl_to_any_text function. It allows a 
     |      customized text format to be generated for the ACL. See
     |      acl_to_any_text(3) for more details.
     |      
     |      Parameters:
     |        - prefix: if given, this string will be prepended to all lines
     |        - separator: a single character (defaults to '\n'); this will be
     |                     user to separate the entries in the ACL
     |        - options: a bitwise combination of:
     |            TEXT_ABBREVIATE: use 'u' instead of 'user', 'g' instead of 
     |                             'group', etc.
     |            TEXT_NUMERIC_IDS: User and group IDs are included as decimal
     |                              numbers instead of names
     |            TEXT_SOME_EFFECTIVE: Include comments denoting the effective
     |                                 permissions when some are masked
     |            TEXT_ALL_EFFECTIVE: Include comments after all ACL entries
     |                                affected by an ACL_MASK entry
     |            TEXT_SMART_INDENT: Used in combination with the _EFFECTIVE
     |                               options, this will ensure that comments 
     |                               are alligned to the fourth tab position
     |                               (assuming one tab equal eight spaces
     |  
     |  valid(...)
     |      Test the ACL for validity.
     |      
     |      This method tests the ACL to see if it is a valid ACL
     |      in terms of the filesystem. More precisely, it checks that:
     |      
     |      The ACL contains exactly one entry with each of the
     |      ACL_USER_OBJ, ACL_GROUP_OBJ, and ACL_OTHER tag types. Entries
     |      with ACL_USER and ACL_GROUP tag types may appear zero or more
     |      times in an ACL. An ACL that contains entries of ACL_USER or
     |      ACL_GROUP tag types must contain exactly one entry of the 
     |      ACL_MASK tag type. If an ACL contains no entries of
     |      ACL_USER or ACL_GROUP tag types, the ACL_MASK entry is optional.
     |      
     |      All user ID qualifiers must be unique among all entries of
     |      the ACL_USER tag type, and all group IDs must be unique among all
     |      entries of ACL_GROUP tag type.
     |      
     |      The method will return 1 for a valid ACL and 0 for an invalid one.
     |      This has been chosen because the specification for acl_valid in
     |      the POSIX.1e standard documents only one possible value for errno
     |      in case of an invalid ACL, so we can't differentiate between
     |      classes of errors. Other suggestions are welcome.
     |  
     |  ----------------------------------------------------------------------
     |  Data and other attributes defined here:
     |  
     |  __new__ = <built-in method __new__ of type object>
     |      T.__new__(S, ...) -> a new object with type S, a subtype of T
    
    class Entry(__builtin__.object)
     |  Type which represents an entry in an ACL.
     |  
     |  The type exists only if the OS has full support for POSIX.1e
     |  Can be created either by:
     |    e = posix1e.Entry(myACL) # this creates a new entry in the ACL
     |  or by:
     |    for entry in myACL:
     |        print entry
     |  
     |  Note that the Entry keeps a reference to its ACL, so even if 
     |  you delete the ACL, it won't be cleaned up and will continue to 
     |  exist until its Entry(ies) will be deleted.
     |  
     |  Methods defined here:
     |  
     |  __init__(...)
     |      x.__init__(...) initializes x; see x.__class__.__doc__ for signature
     |  
     |  __str__(...)
     |      x.__str__() <==> str(x)
     |  
     |  copy(...)
     |      Copy an ACL entry.
     |      
     |      This method sets all the parameters to those of another
     |      entry, even one of another's ACL
     |      Parameters:
     |       - src, instance of type Entry
     |  
     |  ----------------------------------------------------------------------
     |  Data and other attributes defined here:
     |  
     |  __new__ = <built-in method __new__ of type object>
     |      T.__new__(S, ...) -> a new object with type S, a subtype of T
     |  
     |  parent = <attribute 'parent' of 'posix1e.Entry' objects>
     |      The parent ACL of this entry
     |  
     |  permset = <attribute 'permset' of 'posix1e.Entry' objects>
     |      The permission set of this ACL entry
     |  
     |  qualifier = <attribute 'qualifier' of 'posix1e.Entry' objects>
     |      The qualifier of the current entry
     |      
     |      If the tag type is ACL_USER, this should be a user id.
     |      If the tag type if ACL_GROUP, this should be a group id.
     |      Else, it doesn't matter.
     |  
     |  tag_type = <attribute 'tag_type' of 'posix1e.Entry' objects>
     |      The tag type of the current entry
     |      
     |      This is one of:
     |       - ACL_UNDEFINED_TAG
     |       - ACL_USER_OBJ
     |       - ACL_USER
     |       - ACL_GROUP_OBJ
     |       - ACL_GROUP
     |       - ACL_MASK
     |       - ACL_OTHER
    
    class Permset(__builtin__.object)
     |  Type which represents the permission set in an ACL entry
     |  
     |  The type exists only if the OS has full support for POSIX.1e
     |  Can be created either by:
     |    perms = myEntry.permset
     |  or by:
     |    perms = posix1e.Permset(myEntry)
     |  
     |  Note that the Permset keeps a reference to its Entry, so even if 
     |  you delete the entry, it won't be cleaned up and will continue to 
     |  exist until its Permset will be deleted.
     |  
     |  Methods defined here:
     |  
     |  __init__(...)
     |      x.__init__(...) initializes x; see x.__class__.__doc__ for signature
     |  
     |  __str__(...)
     |      x.__str__() <==> str(x)
     |  
     |  add(...)
     |      Add a permission to the permission set.
     |      
     |      The add() function adds the permission contained in 
     |      the argument perm to the permission set.  An attempt 
     |      to add a permission that is already contained in the 
     |      permission set is not considered an error.
     |      Parameters:
     |        - perm a permission (ACL_WRITE, ACL_READ, ACL_EXECUTE, ...
     |      Return value:
     |        None
     |      Can raise: IOError
     |  
     |  clear(...)
     |      Clear all permissions from the permission set.
     |  
     |  delete(...)
     |      Delete a permission from the permission set.
     |      
     |      The delete() function deletes the permission contained in 
     |      the argument perm from the permission set.  An attempt 
     |      to delete a permission that is not contained in the 
     |      permission set is not considered an error.
     |      Parameters:
     |        - perm a permission (ACL_WRITE, ACL_READ, ACL_EXECUTE, ...
     |      Return value:
     |        None
     |      Can raise: IOError
     |  
     |  test(...)
     |      Test if a permission exists in the permission set.
     |      
     |      The test() function tests if the permission contained in 
     |      the argument perm exits the permission set.
     |      Parameters:
     |        - perm a permission (ACL_WRITE, ACL_READ, ACL_EXECUTE, ...
     |      Return value:
     |        Bool
     |      Can raise: IOError
     |  
     |  ----------------------------------------------------------------------
     |  Data and other attributes defined here:
     |  
     |  __new__ = <built-in method __new__ of type object>
     |      T.__new__(S, ...) -> a new object with type S, a subtype of T
     |  
     |  execute = <attribute 'execute' of 'posix1e.Permset' objects>
     |      Execute permsission
     |      
     |      This is a convenience method of access; the 
     |      same effect can be achieved using the functions
     |      add(), test(), delete(), and those can take any 
     |      permission defined by your platform.
     |  
     |  read = <attribute 'read' of 'posix1e.Permset' objects>
     |      Read permsission
     |      
     |      This is a convenience method of access; the 
     |      same effect can be achieved using the functions
     |      add(), test(), delete(), and those can take any 
     |      permission defined by your platform.
     |  
     |  write = <attribute 'write' of 'posix1e.Permset' objects>
     |      Write permsission
     |      
     |      This is a convenience method of access; the 
     |      same effect can be achieved using the functions
     |      add(), test(), delete(), and those can take any 
     |      permission defined by your platform.

FUNCTIONS
    delete_default(...)
        Delete the default ACL from a directory.
        
        This function deletes the default ACL associated with 
        a directory (the ACL which will be ANDed with the mode
        parameter to the open, creat functions).
        Parameters:
          - a string representing the directory whose default ACL
            should be deleted

DATA
    ACL_DUPLICATE_ERROR = 8192
    ACL_ENTRY_ERROR = 16384
    ACL_EXECUTE = 1
    ACL_GROUP = 8
    ACL_GROUP_OBJ = 4
    ACL_MASK = 16
    ACL_MISS_ERROR = 12288
    ACL_MULTI_ERROR = 4096
    ACL_OTHER = 32
    ACL_READ = 4
    ACL_TYPE_ACCESS = 32768
    ACL_TYPE_DEFAULT = 16384
    ACL_UNDEFINED_TAG = 0
    ACL_USER = 2
    ACL_USER_OBJ = 1
    ACL_WRITE = 2
    TEXT_ABBREVIATE = 16
    TEXT_ALL_EFFECTIVE = 2
    TEXT_NUMERIC_IDS = 8
    TEXT_SMART_INDENT = 4
    TEXT_SOME_EFFECTIVE = 1


