Adds an access control entry (ACE) to an object entry's access
 control set (ACS).

 SYNOPSIS

      ADD OBJECT object-name ACCESS principal [AS GROUP]

      [FOR] access

 Arguments

 object-name

 The full name of the object entry.

 principal

 The principal for whom access is being added. You can specify a
 principal as a group name, a collection of principals denoted
 with wildcards (for example, .org.name*), or an individual name
 in the format, nodename.username. To specify a DNS Version 1-style
 principal, use the format nodename::username. The phrase as group
 indicates the specified principal is a group. You cannot use this
 phrase with wildcard principal names.

 access

 The access rights for the specified principal. Rights are read,
 write, delete, test, control, and none, and you can specify them as
 r, w, d, t, c, and non. Separate multiple rights with commas.

 Description

 This command adds an access control entry (ACE) to an object entry's
 access control set. Access rights are defined as follows:

 Read       The principal can look up the object entry by name, read
            any object attribute, and perform wildcard lookups.
 Write      The principal can change any modifiable attribute except
            the ACS.
 Delete     The principal can delete the object entry.
 Test       The principal can check the value of the object entry.
 Control    The principal can alter the object entry's ACS.
 None       The principal does not have access rights.

 You must have control access to the object entry whose ACS is being
 modified.