ACLs in Mac OS X - lookup GUID

Question

I am investigating ACLs on Mac OS X 10.8 Mountain Lion. I have made some headway with the APIs (the documentation is poor) and can retrieve a list of ACL entries for a given file or directory. What I don not know how to do is to translate the GUID/UUID returned by acl_get_qualifier() into a UID or GID. I am using C++ (C really). Here's some code:

int     acleid=ACL_FIRST_ENTRY;
int     aclgeres;

// got an ACL in acl, loop on entries ...

if((aclgeres=acl_get_entry(acl,acleid,&ace))==0)
   {
   int          aclgttres;
   acl_tag_t    tag;
   void         *aclgq;
   acleid=ACL_NEXT_ENTRY;
   if((aclgttres=acl_get_tag_type(ace,&tag))<0)
      exit(errno);
   else
      {
      switch(tag)
         {
         case ACL_UNDEFINED_TAG:
            {
            // error
            break;
            }

         case ACL_EXTENDED_ALLOW:
            {
            printf("   TAG ALLOW
");
            break;
            }

         case ACL_EXTENDED_DENY:
            {
            printf("   TAG DENY
");
            break;
            }
         }

      if(tag!=ACL_UNDEFINED_TAG)
         {
         if((aclgq=acl_get_qualifier(ace))==NULL)
            exit(errno);
         else
            {
            guid_t     *guid=static_cast(aclgq);

            /**********************************************/

            guid is now a 16-byte buffer containing a semi-
            opaque 128-bit UUID entry. This maps into a
            user ID or group ID, but I do not know how

            /**********************************************/

            free(aclgq);
            }
         }
      }
   }

So the question is, what API do I use to map UUIDs onto the corresponding user or group? For groups it's actually quite easy as the trailing bytes of the GUID give the GID, but for users it is not so straightforward.

ACLs in Mac OS X - lookup GUID

Answers (1)

Related Questions