Shell Commands › Application Control › modify_acl (Application Control and Management)--Replace Portion Application ACL

modify_acl (Application Control and Management)--Replace Portion Application ACL

Replace that portion of the application ACL which relates to the owner or a principal.

Syntax

application modify_acl <name> [ <principal>=owner ] [ <principal1>=<val1> ... <principalN>=<valN> ] [ --test_only ]

Parameters

<principal>=owner

Set the owner attribute of the application ACL to the specified principal.

<principal>=<val>

Add or replace the specified principal in the application ACL with access level <val>. <principal> is in the form <scope>:<type>:<name> where <scope> is local, <type> is user or group, and <name> is the user or group name. Valid access levels are: read, control, configure and full. If the access level is specified as 'none' the principal is removed from the application ACL if it is present.

--test_only

Do not replace any portion of the application ACL but rather test if the operation can succeed.

Examples

application modify_acl my-app local:user:admin=full

Replace that portion of the 'myapp' application ACL which relates to the local user 'admin', providing full access level permissions to this user.

Notes

• Specified local user and group principals must exist.
• Specifying a principal scope of “global”, as is available in the distributed version of the product, will currently result in an error indicating the principal does not exist.