Provided by: libglobus-gsi-sysconfig-doc_5.3-3_all 
NAME
Functions for UNIX platforms -
UNIX - Set Key Permissions
globus_result_t globus_gsi_sysconfig_set_key_permissions_unix (char *filename)
UNIX - Get User ID
globus_result_t globus_gsi_sysconfig_get_user_id_string_unix (char **user_id_string)
UNIX - Get Username
globus_result_t globus_gsi_sysconfig_get_username_unix (char **username)
UNIX - Get Process ID
globus_result_t globus_gsi_sysconfig_get_proc_id_string_unix (char **proc_id_string)
UNIX - Make Absolute Path
globus_result_t globus_gsi_sysconfig_make_absolute_path_for_filename_unix (char *filename,
char **absolute_path)
UNIX - Split Directory and Filename
globus_result_t globus_gsi_sysconfig_split_dir_and_filename_unix (char *full_filename,
char **dir_string, char **filename_string)
UNIX - Get Current Working Directory
globus_result_t globus_gsi_sysconfig_get_current_working_dir_unix (char **working_dir)
UNIX - Get HOME Directory
globus_result_t globus_gsi_sysconfig_get_home_dir_unix (char **home_dir)
UNIX - File Exists
globus_result_t globus_gsi_sysconfig_file_exists_unix (const char *filename)
UNIX - Directory Exists
globus_result_t globus_gsi_sysconfig_dir_exists_unix (const char *filename)
UNIX - Check File Status for Key
globus_result_t globus_gsi_sysconfig_check_keyfile_unix (const char *filename)
UNIX - Check File Status for Cert
globus_result_t globus_gsi_sysconfig_check_certfile_unix (const char *filename)
UNIX - Get Trusted CA Cert Dir
globus_result_t globus_gsi_sysconfig_get_cert_dir_unix (char **cert_dir)
UNIX - Get User Certificate and Key Filenames
globus_result_t globus_gsi_sysconfig_get_user_cert_filename_unix (char **user_cert, char
**user_key)
UNIX - Get Host Certificate and Key Filenames
globus_result_t globus_gsi_sysconfig_get_host_cert_filename_unix (char **host_cert, char
**host_key)
UNIX - Get Service Certificate and Key Filenames
globus_result_t globus_gsi_sysconfig_get_service_cert_filename_unix (char *service_name,
char **service_cert, char **service_key)
UNIX - Get Proxy Filename
globus_result_t globus_gsi_sysconfig_get_proxy_filename_unix (char **user_proxy,
globus_gsi_proxy_file_type_t proxy_file_type)
UNIX - Get Signing Policy Filename
globus_result_t globus_gsi_sysconfig_get_signing_policy_filename_unix (X509_NAME *ca_name,
char *cert_dir, char **signing_policy_filename)
UNIX - Get CA Cert Filenames
globus_result_t globus_gsi_sysconfig_get_ca_cert_files_unix (char *ca_cert_dir,
globus_fifo_t *ca_cert_list)
UNIX - Remove all proxies owned by current uid
globus_result_t globus_gsi_sysconfig_remove_all_owned_files_unix (char *default_filename)
UNIX - Check if the current user is root
globus_result_t globus_gsi_sysconfig_is_superuser_unix (int *is_superuser)
UNIX - Get the path and file name of the grid map file
globus_result_t globus_gsi_sysconfig_get_gridmap_filename_unix (char **filename)
UNIX - Get the path and file name of the authorization callback configuration file
globus_result_t globus_gsi_sysconfig_get_authz_conf_filename_unix (char **filename)
globus_result_t globus_gsi_sysconfig_get_authz_lib_conf_filename_unix (char **filename)
UNIX - Get the path and file name of the gaa configuration file
globus_result_t globus_gsi_sysconfig_get_gaa_conf_filename_unix (char **filename)
Detailed Description
These functions implement the UNIX version of the Globus GSI System Configuration API.
They should never be called directly, please use the provided platform independent
defines.
Function Documentation
globus_result_t globus_gsi_sysconfig_set_key_permissions_unix (char *filename)
Set the file permissions of a file to read-write only by the user which are the
permissions that should be set for all private keys.
Parameters:
filename
Returns:
GLOBUS_SUCCESS or an error object id
References GLOBUS_GSI_SYSCONFIG_ERROR_ERRNO, GLOBUS_GSI_SYSCONFIG_ERROR_FILE_HAS_CHANGED,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_HAS_LINKS, GLOBUS_GSI_SYSCONFIG_ERROR_FILE_IS_DIR,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_NOT_REGULAR, GLOBUS_GSI_SYSCONFIG_ERROR_SETTING_PERMS, and
GLOBUS_GSI_SYSCONFIG_MODULE.
globus_result_t globus_gsi_sysconfig_get_user_id_string_unix (char **user_id_string)
Get a unique string representing the current user. This is just the uid converted to a
string.
Parameters:
user_id_string A unique string representing the user
Returns:
GLOBUS_SUCCESS unless an error occurred
globus_result_t globus_gsi_sysconfig_get_username_unix (char **username)
Get the username of the current user.
Parameters:
username This parameter will contain the current user name upon a successful return.
It is the users responsibility to free memory allocated for this return value.
Returns:
GLOBUS_SUCCESS unless an error occurred
References GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_PW_ENTRY, and
globus_gsi_sysconfig_get_username_unix().
globus_result_t globus_gsi_sysconfig_get_proc_id_string_unix (char **proc_id_string)
Get a unique string representing the current process. This is just the pid converted to a
string.
Parameters:
proc_id_string A unique string representing the process
Returns:
GLOBUS_SUCCESS unless an error occurred
globus_result_t globus_gsi_sysconfig_make_absolute_path_for_filename_unix (char *filename,
char **absolute_path)
Make the filename into an absolute path string based on the current working directory.
Parameters:
filename the filename to get the absolute path of.
absolute_path The resulting absolute path. This needs to be freed when no longer
needed.
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned
References GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_CWD, and
GLOBUS_GSI_SYSCONFIG_GET_CURRENT_WORKING_DIR.
globus_result_t globus_gsi_sysconfig_split_dir_and_filename_unix (char *full_filename, char
**dir_string, char **filename_string)
Split the directory and filename portions of a filename string into two separate strings.
Parameters:
full_filename The filename to split. Splits on the last occurrance of '/' where the
directory is everything before the last '/', and the filename is everything after.
dir_string The directory portion of the filename string. If no '/' is found throughout
the string, this variable points to NULL. This needs to be freed when no longer
needed.
filename_string The filename portion of the filename string. If no '/' is found
throughout, this variable is a duplicate of the full_filename parameter. This needs to
be freed when no longer needed.
Returns:
GLOBUS_SUCCESS if no error occurred. Otherwise an error object ID is returned.
globus_result_t globus_gsi_sysconfig_get_current_working_dir_unix (char **working_dir)
Get the current working directory on the system.
Parameters:
working_dir The current working directory
Returns:
GLOBUS_SUCCESS or an error object identifier
References GLOBUS_GSI_SYSCONFIG_ERROR_ERRNO, and GLOBUS_GSI_SYSCONFIG_MODULE.
globus_result_t globus_gsi_sysconfig_get_home_dir_unix (char **home_dir)
Get the HOME Directory of the current user. Should be the $HOME environment variable.
Parameters:
home_dir The home directory of the current user
Returns:
GLOBUS_SUCCESS if no error occured, otherwise an error object is returned.
References GLOBUS_GSI_SYSCONFIG_DIR_EXISTS, GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_HOME_DIR,
GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_PW_ENTRY, and globus_gsi_sysconfig_get_home_dir_unix().
globus_result_t globus_gsi_sysconfig_file_exists_unix (const char *filename)
Check if the file exists.
Parameters:
filename The filename of the file to check for
Returns:
GLOBUS_SUCCESS if the file exists and is readable, otherwise an error object
identifier
References GLOBUS_GSI_SYSCONFIG_ERROR_CHECKING_FILE_EXISTS,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_BAD_PERMISSIONS,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_DOES_NOT_EXIST, GLOBUS_GSI_SYSCONFIG_ERROR_FILE_IS_DIR,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_NOT_REGULAR, GLOBUS_GSI_SYSCONFIG_ERROR_FILE_ZERO_LENGTH,
globus_gsi_sysconfig_file_exists_unix(), and GLOBUS_GSI_SYSCONFIG_MODULE.
globus_result_t globus_gsi_sysconfig_dir_exists_unix (const char *filename)
Check if the directory exists.
Parameters:
filename The filename of the directory to check for
Returns:
GLOBUS_SUCCESS if the directory exists, otherwise an error object identifier.
References globus_gsi_sysconfig_dir_exists_unix(),
GLOBUS_GSI_SYSCONFIG_ERROR_CHECKING_FILE_EXISTS,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_BAD_PERMISSIONS,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_DOES_NOT_EXIST, GLOBUS_GSI_SYSCONFIG_ERROR_FILE_NOT_DIR,
and GLOBUS_GSI_SYSCONFIG_MODULE.
globus_result_t globus_gsi_sysconfig_check_keyfile_unix (const char *filename)
This is a convenience function used to check the status of a private key file. The desired
status is only the current user has ownership and read permissions, everyone else should
not be able to access it.
Parameters:
filename The name of the file to check the status of
Returns:
GLOBUS_SUCCESS if the status of the file was able to be determined. Otherwise, an
error object identifier
References GLOBUS_GSI_SYSCONFIG_ERROR_FILE_BAD_PERMISSIONS,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_DOES_NOT_EXIST, GLOBUS_GSI_SYSCONFIG_ERROR_FILE_IS_DIR,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_NOT_OWNED, GLOBUS_GSI_SYSCONFIG_ERROR_FILE_NOT_REGULAR,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_ZERO_LENGTH,
GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_KEY_STRING, globus_gsi_sysconfig_file_exists_unix(),
and GLOBUS_GSI_SYSCONFIG_MODULE.
globus_result_t globus_gsi_sysconfig_check_certfile_unix (const char *filename)
This is a convenience function used to check the status of a certificate file. The desired
status is the current user has ownership and read/write permissions, while group and
others only have read permissions.
Parameters:
filename The name of the file to check the status of
Returns:
GLOBUS_SUCCESS if the status of the file was able to be determined. Otherwise, an
error object identifier
References GLOBUS_GSI_SYSCONFIG_ERROR_FILE_BAD_PERMISSIONS,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_DOES_NOT_EXIST, GLOBUS_GSI_SYSCONFIG_ERROR_FILE_IS_DIR,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_NOT_OWNED, GLOBUS_GSI_SYSCONFIG_ERROR_FILE_NOT_REGULAR,
GLOBUS_GSI_SYSCONFIG_ERROR_FILE_ZERO_LENGTH,
GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_CERT_FILENAME, globus_gsi_sysconfig_file_exists_unix(),
and GLOBUS_GSI_SYSCONFIG_MODULE.
globus_result_t globus_gsi_sysconfig_get_cert_dir_unix (char **cert_dir)
Get the Trusted Certificate Directory containing the trusted Certificate Authority
certificates. This directory is determined in the order shown below. Failure in one method
results in attempting the next.
1. X509_CERT_DIR environment variable - if this is set, the trusted certificates will be
searched for in that directory. This variable allows the end user to specify the
location of trusted certificates.
2. $HOME/.globus/certificates - If this directory exists, and the previous methods of
determining the trusted certs directory failed, this directory will be used.
3. /etc/grid-security/certificates - This location is intended to be independent of the
globus installation ($GLOBUS_LOCATION), and is generally only writeable by the host
system administrator.
4. $GLOBUS_LOCATION/share/certificates
Parameters:
cert_dir The trusted certificates directory
Returns:
GLOBUS_SUCCESS if no error occurred, and a sufficient trusted certificates directory
was found. Otherwise, an error object identifier returned.
References GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_CERT_DIR, and
GLOBUS_GSI_SYSCONFIG_GET_HOME_DIR.
globus_result_t globus_gsi_sysconfig_get_user_cert_filename_unix (char **user_cert, char
**user_key)
Get the User Certificate Filename based on the current user's environment. The following
locations are searched for cert and key files in order:
1. environment variables X509_USER_CERT and X509_USER_KEY
2. $HOME/.globus/usercert.pem and $HOME/.globus/userkey.pem
3. $HOME/.globus/usercred.p12 - this is a PKCS12 credential
Parameters:
user_cert pointer the filename of the user certificate
user_key pointer to the filename of the user key
Returns:
GLOBUS_SUCCESS if the cert and key files were found in one of the possible locations,
otherwise an error object identifier is returned
References GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_CERT_STRING,
GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_KEY_STRING, and GLOBUS_GSI_SYSCONFIG_GET_HOME_DIR.
globus_result_t globus_gsi_sysconfig_get_host_cert_filename_unix (char **host_cert, char
**host_key)
Get the Host Certificate and Key Filenames based on the current user's environment. The
host cert and key are searched for in the following locations (in order):
1. X509_USER_CERT and X509_USER_KEY environment variables
2. registry keys x509_user_cert and x509_user_key in software\Globus\GSI
3. \<GLOBUS_LOCATION\>\etc\host[cert|key].pem
4. \<users home directory\>globus\host[cert|key].pem
Parameters:
host_cert pointer to the host certificate filename
host_key pointer to the host key filename
Returns:
GLOBUS_SUCCESS if the host cert and key were found, otherwise an error object
identifier is returned
References GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_CERT_FILENAME,
GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_CERT_STRING,
GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_KEY_STRING, and GLOBUS_GSI_SYSCONFIG_GET_HOME_DIR.
globus_result_t globus_gsi_sysconfig_get_service_cert_filename_unix (char *service_name, char
**service_cert, char **service_key)
Get the Service Certificate Filename based on the current user's environment. The host
cert and key are searched for in the following locations (in order):
1. X509_USER_CERT and X509_USER_KEY environment variables
2. \/etc\/grid-security\/{service_name}\/{service_name}[cert|key].pem
3. GLOBUS_LOCATION\/etc\/{service_name}\/{service_name}[cert|key].pem So for example, if
my service was named: myservice, the location of the certificate would be:
GLOBUS_LOCATION\/etc\/myservice\/myservicecert.pem
4. \<users home\>\/.globus\/{service_name}\/{service_name}[cert|key].pem
Parameters:
service_name The name of the service which allows us to determine the locations of
cert and key files to look for
service_cert pointer to the host certificate filename
service_key pointer to the host key filename
Returns:
GLOBUS_SUCCESS if the service cert and key were found, otherwise an error object
identifier
References GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_CERT_FILENAME,
GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_CERT_STRING,
GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_KEY_STRING, GLOBUS_GSI_SYSCONFIG_GET_HOME_DIR, and
GLOBUS_GSI_SYSCONFIG_INVALID_ARG.
globus_result_t globus_gsi_sysconfig_get_proxy_filename_unix (char **user_proxy,
globus_gsi_proxy_file_type_tproxy_file_type)
Get the proxy cert filename based on the following search order:
1. X509_USER_PROXY environment variable - This environment variable is set by the at run
time for the specific application. If the proxy_file_type variable is set to
GLOBUS_PROXY_OUTPUT (a proxy filename for writing is requested), and the
X509_USER_PROXY is set, this will be the resulting value of the user_proxy filename
string passed in. If the proxy_file_type is set to GLOBUS_PROXY_INPUT and
X509_USER_PROXY is set, but the file it points to does not exist, or has some other
readability issues, the function will continue checking using the other methods
available.
2. Check the default location for the proxy file of \/tmp\/x509_u\<user_id\> where \<user
id\> is some unique string for that user on the host
Parameters:
user_proxy the proxy filename of the user
proxy_file_type Switch for determining whether to return a existing proxy filename or
if a filename suitable for creating a proxy should be returned
Returns:
GLOBUS_SUCCESS or an error object identifier
References GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_PROXY_FILENAME,
GLOBUS_GSI_SYSCONFIG_GET_USER_ID_STRING, GLOBUS_PROXY_FILE_INPUT, and
GLOBUS_PROXY_FILE_OUTPUT.
globus_result_t globus_gsi_sysconfig_get_signing_policy_filename_unix (X509_NAME *ca_name,
char *cert_dir, char **signing_policy_filename)
Get the Signing Policy Filename on the current system, based on the CA's subject name, and
the trusted certificates directory.
Parameters:
ca_name The X509 subject name of the CA to get the signing policy of. The hash of the
CA is generated from this
cert_dir The trusted CA certificates directory, containing the singing_policy files of
the trusted CA's.
signing_policy_filename The resulting singing_policy filename
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID
References GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_SIGNING_POLICY,
GLOBUS_GSI_SYSCONFIG_FILE_EXISTS, and GLOBUS_GSI_SYSCONFIG_GET_CERT_DIR.
globus_result_t globus_gsi_sysconfig_get_ca_cert_files_unix (char *ca_cert_dir, globus_fifo_t
*ca_cert_list)
Gets a list of trusted CA certificate filenames in a trusted CA certificate directory.
Parameters:
ca_cert_dir The trusted CA certificate directory to get the filenames from
ca_cert_list The resulting list of CA certificate filenames. This is a a globus list
structure.
See Also:
globus_fifo_t
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned
References GLOBUS_GSI_SYSCONFIG_ERROR_ERRNO,
GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_CA_CERT_FILENAMES,
globus_gsi_sysconfig_file_exists_unix(), and GLOBUS_GSI_SYSCONFIG_MODULE.
globus_result_t globus_gsi_sysconfig_remove_all_owned_files_unix (char *default_filename)
Removes all proxies (ie. all delegated and grid-proxy-init generated proxies) found in the
secure tmp directory that are owned by the current user.
Parameters:
default_filename The filename of the default proxy
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned
References GLOBUS_GSI_SYSCONFIG_ERROR_ERRNO, and GLOBUS_GSI_SYSCONFIG_MODULE.
globus_result_t globus_gsi_sysconfig_is_superuser_unix (int *is_superuser)
Checks whether the current user is root.
Parameters:
is_superuser 1 if the user is the superuser 0 if not
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned
globus_result_t globus_gsi_sysconfig_get_gridmap_filename_unix (char **filename)
Get the path and file name of the grid map file.
Parameters:
filename Contains the location of the grid map file upon successful return
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned
References GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_GRIDMAP_FILENAME, and
GLOBUS_GSI_SYSCONFIG_GET_HOME_DIR.
globus_result_t globus_gsi_sysconfig_get_authz_conf_filename_unix (char **filename)
Get the path and file name of the authorization callback configuration file.
Parameters:
filename Contains the location of the authorization callback configuration file upon
successful return
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned
References GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_AUTHZ_FILENAME,
GLOBUS_GSI_SYSCONFIG_FILE_EXISTS, and GLOBUS_GSI_SYSCONFIG_GET_HOME_DIR.
globus_result_t globus_gsi_sysconfig_get_authz_lib_conf_filename_unix (char **filename)
Get the path and file name of the authorization callback configuration file.
Parameters:
filename Contains the location of the authorization callback configuration file upon
successful return
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned
References GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_AUTHZ_LIB_FILENAME,
GLOBUS_GSI_SYSCONFIG_FILE_EXISTS, and GLOBUS_GSI_SYSCONFIG_GET_HOME_DIR.
globus_result_t globus_gsi_sysconfig_get_gaa_conf_filename_unix (char **filename)
Get the path and file name of the GAA configuration file.
Parameters:
filename Contains the location of the GAA callback configuration file upon successful
return
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned
References globus_gsi_sysconfig_check_certfile_unix(),
GLOBUS_GSI_SYSCONFIG_ERROR_GETTING_GAA_FILENAME, GLOBUS_GSI_SYSCONFIG_FILE_EXISTS, and
GLOBUS_GSI_SYSCONFIG_GET_HOME_DIR.
Author
Generated automatically by Doxygen for globus gsi sysconfig from the source code.