/[pdpsoft]/trunk/grid-mw-security/cgul/fileutil/fileutil.h
ViewVC logotype

Contents of /trunk/grid-mw-security/cgul/fileutil/fileutil.h

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1510 - (show annotations) (download) (as text)
Sun Feb 14 12:31:32 2010 UTC (12 years, 5 months ago) by msalle
File MIME type: text/x-csrc
File size: 5267 byte(s)
Bringing fileutil back in sync with version in gLExec


1 /**
2 * Copyright (c) Members of the EGEE Collaboration. 2010.
3 * See http://www.eu-egee.org/partners/ for details on the copyright
4 * holders.
5 *
6 * Licensed under the Apache License, Version 2.0 (the "License");
7 * you may not use this file except in compliance with the License.
8 * You may obtain a copy of the License at
9 *
10 * http://www.apache.org/licenses/LICENSE-2.0
11 *
12 * Unless required by applicable law or agreed to in writing, software
13 * distributed under the License is distributed on an "AS IS" BASIS,
14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 * See the License for the specific language governing permissions and
16 * limitations under the License.
17 *
18 * Authors: Oscar Koeroo, Mischa Sall\'e, Aram Verstegen
19 * NIKHEF Amsterdam, the Netherlands
20 * <grid-mw-security@nikhef.nl>
21 */
22
23 #ifndef _FILEUTIL_H_
24 #define _FILEUTIL_H_
25
26 #define LCK_NOLOCK 1<<0 /* Make special flag, then we can specify it as lock_type */
27 #define LCK_FCNTL 1<<1
28 #define LCK_FLOCK 1<<2
29
30 #define LCK_READ 1<<0
31 #define LCK_WRITE 1<<1
32 #define LCK_UNLOCK 1<<2
33
34 /**
35 * Does given lock action on file given by filedescriptor fd using mechanism
36 * defined by lock_type. lock_type can be a multiple types in which case they
37 * will be all used. LCK_NOLOCK is a special lock type which just does nothing
38 * and will not be combined with others. Valid lock types:
39 * LCK_NOLOCK - no locking
40 * LCK_FCNTL - fcntl() locking
41 * LCK_FLOCK - flock() locking
42 * Valid actions are:
43 * LCK_READ - set shared read lock
44 * LCK_WRITE - set exclusive write lock
45 * LCK_UNLOCK - unset lock
46 * Locks are exclusive for writing and shared for reading: multiple processes
47 * can read simultaneously, but writing is exclusive, both for reading and
48 * writing.
49 * Returns -1 on error, 0 on success.
50 */
51 int cgul_filelock(int fd, int lock_type, int action);
52
53 /**
54 * Reads proxy from *path using given lock_type (see cgul_filelock). It tries to
55 * drop privilege to real-uid/real-gid when euid==0 and uid!=0.
56 * Space needed will be malloc-ed.
57 * Upon successful completion config contains the contents of path.
58 * Return values:
59 * 0: success
60 * -1: I/O error
61 * -2: privilege-drop error
62 * -3: permissions error
63 * -4: memory error
64 * -5: too many retries needed during reading
65 * -6: locking failed
66 */
67 int cgul_read_proxy(const char *path, int lock_type, char **proxy);
68
69 /**
70 * Used to read in a config file, the path is checked to be trusted using
71 * safe_is_path_trusted_r() from the safefile library of J. Kupsch.
72 * Upon successful completion config contains the contents of the file at path.
73 * trust_uid and trust_gid are mandatory, but can be 0 in which case they are
74 * effectively ignored.
75 * In case userswitching is possible, privilege is dropped to either the trusted
76 * id's when non-zero or to the real uid/gid.
77 * In switching mode the level of trust has to be confidential, otherwise
78 * trusted (=read but not write by untrusted people) is enough.
79 * Trusted means: user= {root,trust_uid,real uid}
80 * group={root,trust_gid}
81 * Return values:
82 * 0: succes
83 * -1: I/O error, including when file changed during reading in any way other
84 * than access time.
85 * -2: privilege-drop error
86 * -3: permission error (untrusted path)
87 * -4: memory error
88 * -5: unknown or safefile error
89 */
90 int cgul_read_config(const char *path, char **config,
91 uid_t trust_uid, gid_t trust_gid);
92
93 /**
94 * Writes proxy from *proxy to *path using given lock_type (see cgul_filelock).
95 * When (e)uid==0 it tries to drop privilege to given write_uid, write_gid. When
96 * either of these is -1, the real uid/gid is used instead, if one of those is
97 * root, the corresponding effective uid/gid is used instead.
98 * Return values:
99 * 0: success
100 * -1: I/O error
101 * -2: privilege-drop error
102 * -3: permissions error, including file directly in / or not absolute
103 * -4: memory error
104 * -6: locking failed
105 */
106 int cgul_write_proxy(const char *path, int lock_type, const char *proxy,
107 int write_uid, int write_gid);
108
109 /**
110 * Writes proxy to unique filename created from path_template using mkstemp().
111 * path_template will be overridden with the actual filename.
112 * When (e)uid==0 it tries to drop privilege to given write_uid, write_gid. When
113 * either of these is -1, the real uid/gid is used instead, if one of those is
114 * root, the corresponding effective uid/gid is used instead.
115 * Any directory in path_template will be attempted to be created if it doesn't
116 * exist, with mode 0600.
117 * Return values:
118 * 0: success
119 * -1: I/O error, this includes a failure of mkstemp which can be due to a
120 * wrong template. It MUST contain 6 consecutive X's.
121 * -2: privilege-drop error
122 * -3: illegal path_template: in / or not absolute.
123 * -4: memory error
124 * -5: invalid template: it MUST end with 6 X's
125 */
126 int cgul_write_uniq_proxy(char *path_template, const char *proxy,
127 int write_uid, int write_gid);
128
129 /**
130 * Behaviour as mkdir -p: create parents where needed.
131 * Return values:
132 * 0: success
133 * -1: result is not a directory
134 * -3: absolutedir is not absolute (does not start with '/')
135 * -4: out of memory
136 */
137 int cgul_mkdir_with_parents(const char *absolutedir, mode_t mode);
138
139 #endif /* _FILEUTIL_H_ */

grid.support@nikhef.nl
ViewVC Help
Powered by ViewVC 1.1.28