The server_create_acl( ) routine creates an ACL for a specified principal.
/******
*
* server_create_acl -- Create an ACL with some specified set of permissions
* assigned to some principal user.
*
*
* Called from server_acl_mgr_setup().
*
******/
void server_create_acl(
uuid_t mgr_type_uuid, /* Manager type of ACL to create. */
sec_acl_permset_t perms, /* Permission set for ACL. */
unsigned_char_t *user, /* Principal name for new entry. */
sec_acl_t *acl, /* To return the ACL entry in. */
uuid_t
*acl_uuid, /* To return the ACL's UUID in. */
unsigned32 *status) /* To return status in. */
{
uuid_t u; /* For the principal's UUID (from the registry). */
*status = error_status_ok;
/* Create a UUID for the ACL...
*/
/* Note that the new UUID doesn't get associated with the entry in */
/* this routine. It must happen in
server_acl_mgr_setup()... */
uuid_create(acl_uuid, status);
/* Create an initial ACL object with default permissions for the */
/* designated user principal identity... */
dce_acl_obj_init(&mgr_type_uuid, acl, status);
/*
Get the specified principal's UUID... */
server_get_local_principal_id(user, &u, status);
/* Now add the user ACL
entry to the ACL... */
dce_acl_obj_add_user_entry(acl, perms, &u, status);
}