Functions for UNIX platforms(3)
NAME
Functions for UNIX platforms
- These functions implement the UNIX version of the Globus GSI System
Configuration API. - UNIX - Set Key Permissions
- globus_result_t globus_gsi_sysconfig_set_key_permissions_unix (char
*filename)
- UNIX - Get User ID
- globus_result_t globus_gsi_sysconfig_get_user_id_string_unix (char
**user_id_string)
- UNIX - Get Username
- globus_result_t globus_gsi_sysconfig_get_username_unix (char
**username)
- UNIX - Get Process ID
- globus_result_t globus_gsi_sysconfig_get_proc_id_string_unix (char
**proc_id_string)
- UNIX - Make Absolute Path
- globus_result_t
globus_gsi_sysconfig_make_absolute_path_for_filename_unix (char *filename, char **absolute_path)
- UNIX - Split Directory and Filename
- globus_result_t globus_gsi_sysconfig_split_dir_and_filename_unix (char
*full_filename, char **dir_string, char **filename_string)
- UNIX - Get Current Working Directory
- globus_result_t globus_gsi_sysconfig_get_current_working_dir_unix (char
**working_dir)
- UNIX - Get HOME Directory
- globus_result_t globus_gsi_sysconfig_get_home_dir_unix (char
**home_dir)
- UNIX - File Exists
- globus_result_t globus_gsi_sysconfig_file_exists_unix (const char
*filename)
- UNIX - Directory Exists
- globus_result_t globus_gsi_sysconfig_dir_exists_unix (const char
*filename)
- UNIX - Check File Status for Key
- globus_result_t globus_gsi_sysconfig_check_keyfile_unix (const char
*filename)
- UNIX - Check File Status for Cert
- globus_result_t globus_gsi_sysconfig_check_certfile_unix (const char
*filename)
- UNIX - Get Trusted CA Cert Dir
- globus_result_t globus_gsi_sysconfig_get_cert_dir_unix (char
**cert_dir)
- UNIX - Get User Certificate and Key Filenames
- globus_result_t globus_gsi_sysconfig_get_user_cert_filename_unix (char
**user_cert, char **user_key)
- UNIX - Get Host Certificate and Key Filenames
- globus_result_t globus_gsi_sysconfig_get_host_cert_filename_unix (char
**host_cert, char **host_key)
- UNIX - Get Service Certificate and Key Filenames
- globus_result_t globus_gsi_sysconfig_get_service_cert_filename_unix
(char *service_name, char **service_cert, char **service_key)
- UNIX - Get Proxy Filename
- globus_result_t globus_gsi_sysconfig_get_proxy_filename_unix (char
**user_proxy, globus_gsi_proxy_file_type_t proxy_file_type)
- UNIX - Get Signing Policy Filename
- globus_result_t globus_gsi_sysconfig_get_signing_policy_filename_unix
(X509_NAME *ca_name, char *cert_dir, char
**signing_policy_filename) - UNIX - Get CA Cert Filenames
- globus_result_t globus_gsi_sysconfig_get_ca_cert_files_unix (char
*ca_cert_dir, globus_fifo_t *ca_cert_list)
- UNIX - Remove all proxies owned by current uid
- globus_result_t globus_gsi_sysconfig_remove_all_owned_files_unix (char
*default_filename)
- UNIX - Check if the current user is root
- globus_result_t globus_gsi_sysconfig_is_superuser_unix (int
*is_superuser)
- UNIX - Get the path and file name of the grid map file
- globus_result_t globus_gsi_sysconfig_get_gridmap_filename_unix (char
**filename)
- UNIX - Get the path and file name of the authorization callback
- configuration file
globus_result_t globus_gsi_sysconfig_get_authz_conf_filename_unix (char**filename) - globus_result_t globus_gsi_sysconfig_get_authz_lib_conf_filename_unix
(char **filename)
- UNIX - Get the path and file name of the gaa configuration file
- globus_result_t globus_gsi_sysconfig_get_gaa_conf_filename_unix (char
**filename)
Detailed Description
These functions implement the UNIX version of the Globus GSI System
Configuration API.
They should never be called directly, please use the provided platform
independent defines.
Function Documentation
- globus_result_t globus_gsi_sysconfig_set_key_permissions_unix (char *
- filename)
Set the file permissions of a file to read-write only by the user which are the permissions that should be set for all private keys.
Parameters:filename - Returns:
GLOBUS_SUCCESS or an error object id
- globus_result_t globus_gsi_sysconfig_get_user_id_string_unix (char **
- user_id_string)
Get a unique string representing the current user. This is just the uid converted to a string. - Parameters:
user_id_string A unique string representing the user
- Returns:
GLOBUS_SUCCESS unless an error occurred
- globus_result_t globus_gsi_sysconfig_get_username_unix (char ** username)
- Get the username of the current user. Parameters:
username This parameter will contain the current user name upon a successful return. It is the users responsibility to free memory
allocated for this return value. - Returns:
GLOBUS_SUCCESS unless an error occurred
- globus_result_t globus_gsi_sysconfig_get_proc_id_string_unix (char **
- proc_id_string)
Get a unique string representing the current process. This is just the pid converted to a string. - Parameters:
proc_id_string A unique string representing the process
- Returns:
GLOBUS_SUCCESS unless an error occurred
- globus_result_t globus_gsi_sysconfig_make_absolute_path_for_filename_unix
- (char * filename, char ** absolute_path)
Make the filename into an absolute path string based on the current
working directory. Parameters:filename the filename to get the absolute path of. absolute_path The resulting absolute path. This needs to be freed when no longer needed. - Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID
is returned - globus_result_t globus_gsi_sysconfig_split_dir_and_filename_unix (char *
- full_filename, char ** dir_string, char ** filename_string)
Split the directory and filename portions of a filename string into two
separate strings. Parameters:
full_filename The filename to split. Splits on the last occurrance of '/' where the directory is everything before the last '/', and
the filename is everything after.
dir_string The directory portion of the filename string. If no '/' is found throughout the string, this variable points to NULL. This needs to be freed when no longer needed.
filename_string The filename portion of the filename string. If no '/' is found throughout, this variable is a duplicate of the
full_filename parameter. This needs to be freed when no longer
needed. - Returns:
GLOBUS_SUCCESS if no error occurred. Otherwise an error object ID
is returned. - globus_result_t globus_gsi_sysconfig_get_current_working_dir_unix (char **
- working_dir)
Get the current working directory on the system. Parameters:working_dir The current working directory - Returns:
GLOBUS_SUCCESS or an error object identifier
- globus_result_t globus_gsi_sysconfig_get_home_dir_unix (char ** home_dir)
- Get the HOME Directory of the current user. Should be the $HOME
environment variable. - Parameters:
home_dir The home directory of the current user
- Returns:
GLOBUS_SUCCESS if no error occured, otherwise an error object is
returned. - globus_result_t globus_gsi_sysconfig_file_exists_unix (const char *
- filename)
Check if the file exists. Parameters:filename The filename of the file to check for - Returns:
GLOBUS_SUCCESS if the file exists and is readable, otherwise an
error object identifier - globus_result_t globus_gsi_sysconfig_dir_exists_unix (const char *
- filename)
Check if the directory exists. Parameters:filename The filename of the directory to check for - Returns:
GLOBUS_SUCCESS if the directory exists, otherwise an error object
identifier. - globus_result_t globus_gsi_sysconfig_check_keyfile_unix (const char *
- filename)
This is a convenience function used to check the status of a private
key file. The desired status is only the current user has ownership and read permissions, everyone else should not be able to access it. - Parameters:
filename The name of the file to check the status of
- Returns:
GLOBUS_SUCCESS if the status of the file was able to be determined. Otherwise, an error object identifier
- globus_result_t globus_gsi_sysconfig_check_certfile_unix (const char *
- filename)
This is a convenience function used to check the status of a
certificate file. The desired status is the current user has ownership and read/write permissions, while group and others only have read
permissions. - Parameters:
filename The name of the file to check the status of
- Returns:
GLOBUS_SUCCESS if the status of the file was able to be determined. Otherwise, an error object identifier
- globus_result_t globus_gsi_sysconfig_get_cert_dir_unix (char ** cert_dir)
- Get the Trusted Certificate Directory containing the trusted
Certificate Authority certificates. This directory is determined in the order shown below. Failure in one method results in attempting the
next. - 1. X509_CERT_DIR environment variable - if this is set, the trusted
certificates will be searched for in that directory. This variable
allows the end user to specify the location of trusted
certificates. - 2. $HOME/.globus/certificates - If this directory exists, and the previous methods of determining the trusted certs directory failed, this directory will be used.
- 3. /etc/grid-security/certificates - This location is intended to be
independent of the globus installation ($GLOBUS_LOCATION), and is
generally only writeable by the host system administrator. - 4. $GLOBUS_LOCATION/share/certificates
Parameters:
cert_dir The trusted certificates directory - Returns:
GLOBUS_SUCCESS if no error occurred, and a sufficient trusted
certificates directory was found. Otherwise, an error object
identifier returned. - globus_result_t globus_gsi_sysconfig_get_user_cert_filename_unix (char **
user_cert, char ** user_key)
Get the User Certificate Filename based on the current user's
environment. The following locations are searched for cert and key
files in order:
1. environment variables X509_USER_CERT and X509_USER_KEY
2. $HOME/.globus/usercert.pem and $HOME/.globus/userkey.pem
3. $HOME/.globus/usercred.p12 - this is a PKCS12 credential
Parameters:
user_cert pointer the filename of the user certificate user_key pointer to the filename of the user key - Returns:
GLOBUS_SUCCESS if the cert and key files were found in one of the
possible locations, otherwise an error object identifier is
returned - globus_result_t globus_gsi_sysconfig_get_host_cert_filename_unix (char **
host_cert, char ** host_key)
Get the Host Certificate and Key Filenames based on the current user's
environment. The host cert and key are searched for in the following
locations (in order):
1. X509_USER_CERT and X509_USER_KEY environment variables
2. registry keys x509_user_cert and x509_user_key in
software\Globus\GSI - 3. \<GLOBUS_LOCATION\>\etc\host[cert|key].pem
4. \<users home directory\>\.globus\host[cert|key].pem
Parameters:
host_cert pointer to the host certificate filename host_key pointer to the host key filename - Returns:
GLOBUS_SUCCESS if the host cert and key were found, otherwise an
error object identifier is returned - globus_result_t globus_gsi_sysconfig_get_service_cert_filename_unix (char *
service_name, char ** service_cert, char ** service_key)
Get the Service Certificate Filename based on the current user's
environment. The host cert and key are searched for in the following
locations (in order):
1. X509_USER_CERT and X509_USER_KEY environment variables
2. \/etc\/grid-security\/{service_name}\/{service_name}[cert|key].pem 3. GLOBUS_LOCATION\/etc\/{service_name}\/{service_name}[cert|key].pem So for example, if my service was named: myservice, the location of the certificate would be:
GLOBUS_LOCATION\/etc\/myservice\/myservicecert.pem - 4. \<users
home\>\/.globus\/{service_name}\/{service_name}[cert|key].pem - Parameters:
service_name The name of the service which allows us to determine the locations of cert and key files to look for
service_cert pointer to the host certificate filename service_key pointer to the host key filename - Returns:
GLOBUS_SUCCESS if the service cert and key were found, otherwise an error object identifier - globus_result_t globus_gsi_sysconfig_get_proxy_filename_unix (char **
user_proxy, globus_gsi_proxy_file_type_t proxy_file_type)
Get the proxy cert filename based on the following search order: .PD 0
1. X509_USER_PROXY environment variable - This environment variable is
set by the at run time for the specific application. If the
proxy_file_type variable is set to GLOBUS_PROXY_OUTPUT (a proxy
filename for writing is requested), and the X509_USER_PROXY is set, this will be the resulting value of the user_proxy filename string passed in. If the proxy_file_type is set to GLOBUS_PROXY_INPUT and X509_USER_PROXY is set, but the file it points to does not exist,
or has some other readability issues, the function will continue
checking using the other methods available. - 2. Check the default location for the proxy file of
\/tmp\/x509_u\<user_id\> where \<user id\> is some unique string
for that user on the host - Parameters:
user_proxy the proxy filename of the user
proxy_file_type Switch for determining whether to return a existing proxy filename or if a filename suitable for creating a proxy
should be returned - Returns:
GLOBUS_SUCCESS or an error object identifier - globus_result_t globus_gsi_sysconfig_get_signing_policy_filename_unix
(X509_NAME * ca_name, char * cert_dir, char ** signing_policy_filename)
Get the Signing Policy Filename on the current system, based on the
CA's subject name, and the trusted certificates directory. Parameters: ca_name The X509 subject name of the CA to get the signing policy of. The hash of the CA is generated from this
cert_dir The trusted CA certificates directory, containing the singing_policy files of the trusted CA's.
signing_policy_filename The resulting singing_policy filename - Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID - globus_result_t globus_gsi_sysconfig_get_ca_cert_files_unix (char *
ca_cert_dir, globus_fifo_t * ca_cert_list)
Gets a list of trusted CA certificate filenames in a trusted CA
certificate directory. Parameters:
ca_cert_dir The trusted CA certificate directory to get the filenames from
ca_cert_list The resulting list of CA certificate filenames. This is a a globus list structure. - See also:
globus_fifo_t - Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID
is returned - globus_result_t globus_gsi_sysconfig_remove_all_owned_files_unix (char *
default_filename)
Removes all proxies (ie. all delegated and grid-proxy-init generated
proxies) found in the secure tmp directory that are owned by the
current user.
Parameters:
default_filename The filename of the default proxy - Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID
is returned - globus_result_t globus_gsi_sysconfig_is_superuser_unix (int * is_superuser) Checks whether the current user is root. Parameters: is_superuser 1 if the user is the superuser 0 if not
- Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID
is returned - globus_result_t globus_gsi_sysconfig_get_gridmap_filename_unix (char **
filename)
Get the path and file name of the grid map file. Parameters: filename Contains the location of the grid map file upon successful return - Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID
is returned - globus_result_t globus_gsi_sysconfig_get_authz_conf_filename_unix (char **
filename)
Get the path and file name of the authorization callback configuration file. Parameters:
filename Contains the location of the authorization callback configuration file upon successful return - Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID
is returned - globus_result_t globus_gsi_sysconfig_get_authz_lib_conf_filename_unix (char
** filename)
Get the path and file name of the authorization callback configuration file. Parameters:
filename Contains the location of the authorization callback configuration file upon successful return - Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID
is returned - globus_result_t globus_gsi_sysconfig_get_gaa_conf_filename_unix (char **
filename)
Get the path and file name of the GAA configuration file. Parameters: filename Contains the location of the GAA callback configuration file upon successful return - Returns:
GLOBUS_SUCCESS if no error occurred, otherwise an error object ID
is returned
Author
- Generated automatically by Doxygen for globus gsi sysconfig from the
source code.