check accessibility of a file
Standard C Library (libc, -lc)
char *path, int
char *path, int
fd, const char
*path, int mode,
system calls check the accessibility of the file named by the
path argument for the access permissions indicated by
the mode argument. The value of
mode is either the bitwise-inclusive OR of the access
permissions to be checked (
R_OK for read permission,
W_OK for write permission, and
X_OK for execute/search permission), or the existence
For additional information, see the
File Access Permission
eaccess() system call uses the
effective user ID and the group access list to authorize the request; the
access() system call uses the real user ID in place
of the effective user ID, the real group ID in place of the effective group
ID, and the rest of the group access list.
faccessat() system call is equivalent
access() except in the case where
path specifies a relative path. In this case the file
whose accessibility is to be determined is located relative to the directory
associated with the file descriptor fd instead of the
current working directory. If
faccessat() is passed
the special value
AT_FDCWD in the
fd parameter, the current working directory is used
and the behavior is identical to a call to
Values for flag are constructed by a bitwise-inclusive
OR of flags from the following list, defined in
- The checks for accessibility are performed using the effective user and
group IDs instead of the real user and group ID as required in a call to
- Only walk paths below the directory specified by the
fd descriptor. See the description of the
O_RESOLVE_BENEATH flag in the
- If the path argument is an empty string, operate on
the file or directory referenced by the descriptor
fd. If fd is equal to
AT_FDCWD, operate on the current working
Even if a process's real or effective user has appropriate
privileges and indicates success for
Upon successful completion, the value 0 is returned; otherwise the
value -1 is returned and the global variable
errno is set to indicate the error.
X_OK, the file
may not actually have execute permission bits set. Likewise for
faccessat() will fail if:
- The value of the mode argument is invalid.
- A component of the path prefix is not a directory.
- A component of a pathname exceeded 255 characters, or an entire path name
exceeded 1023 characters.
- The named file does not exist.
- Too many symbolic links were encountered in translating the pathname.
- Write access is requested for a file on a read-only file system.
- Write access is requested for a pure procedure (shared text) file
presently being executed.
- Permission bits of the file mode do not permit the requested access, or
search permission is denied on a component of the path prefix.
- The path argument points outside the process's
allocated address space.
- An I/O error occurred while reading from or writing to the file
- Corrupted data was detected while reading from the file system.
faccessat() system call may fail
- The path argument does not specify an absolute path
and the fd argument is neither
AT_FDCWD nor a valid file descriptor.
- The value of the flag argument is not valid.
- The path argument is not an absolute path and
fd is neither
AT_FDCWD nor a
file descriptor associated with a directory.
- path is an absolute path, or contained a
".." component leading to a directory outside of the directory
hierarchy specified by fd, and the process is in
access() system call is expected to conform to
IEEE Std 1003.1-1990 (“POSIX.1”). The
faccessat() system call follows The Open Group
Extended API Set 2 specification.
access() function appeared in
Version 7 AT&T UNIX. The
faccessat() system call appeared in
access() system call is a potential security hole
due to race conditions and should never be used. Set-user-ID and set-group-ID
applications should restore the effective user or group ID, and perform
actions directly rather than use
access() to simulate
access checks for the real user or group ID. The
eaccess() system call likewise may be subject to races
if used inappropriately.
access() remains useful for providing
clues to users as to whether operations make sense for particular filesystem
objects (e.g. 'delete' menu item only highlighted in a writable folder ...
avoiding interpretation of the st_mode bits that the application might not
understand -- e.g. in the case of AFS). It also allows a cheaper file
existence test than