initR policy

Initializes the new capability with the specified resource SID.

The list of access rights received by the capability owner is passed in the policy configuration.

Only one capability can be initialized for one resource within an ocap family instance.

Type: call policy

Syntax

initR <configuration> (in SID owner, in SID resource)

Parameters

owner	Entity that is declared the capability owner.
resource	Link to the resource that will be associated with the object of the capability.

Policy configuration

<configuration> ::= "{" <type> "," <rights> "}"

<type> ::= "type" ":" <resource-type>

<rights> ::= "rights" ":" "[" <right> {"," <right>} "]"

Configuration elements

<type>	Type that will be assigned to the resource. It must match one of the types in the family instance configuration.
<rights>	List of access rights received by the capability owner. It must be a subset of the list of embedded rights and access rights for the specified resource type in the ocap family instance configuration.

Returned value

KSS_GRANT, if the capability was successfully initialized, otherwise KSS_DENY. The capability will not be initialized in the following cases:

• At least one of the specified SIDs is incorrect.
• A resource SID is already associated with a capability.

All specified restrictions apply only within the ocap family instance.

Page top