.TH "globus_gsi_sysconfig_unix" 3 "Tue Dec 15 2020" "Version 9.3" "globus_gsi_sysconfig" \" -*- nroff -*- .ad l .nh .SH NAME globus_gsi_sysconfig_unix \- Functions for UNIX platforms .PP \- Functions for UNIX platforms\&. .SH SYNOPSIS .br .PP .SS "Functions" .in +1c .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_set_key_permissions_unix\fP (char *filename)" .br .RI "UNIX - Set Key Permissions\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_user_id_string_unix\fP (char **user_id_string)" .br .RI "UNIX - Get User ID\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_username_unix\fP (char **username)" .br .RI "UNIX - Get Username\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_proc_id_string_unix\fP (char **proc_id_string)" .br .RI "UNIX - Get Process ID\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_make_absolute_path_for_filename_unix\fP (char *filename, char **absolute_path)" .br .RI "UNIX - Make Absolute Path\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_split_dir_and_filename_unix\fP (char *full_filename, char **dir_string, char **filename_string)" .br .RI "UNIX - Split Directory and Filename\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_current_working_dir_unix\fP (char **working_dir)" .br .RI "UNIX - Get Current Working Directory\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_home_dir_unix\fP (char **home_dir)" .br .RI "UNIX - Get HOME Directory .PP Get the HOME Directory of the current user\&. Should be the $HOME environment variable\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_file_exists_unix\fP (const char *filename)" .br .RI "UNIX - File Exists\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_dir_exists_unix\fP (const char *filename)" .br .RI "UNIX - Directory Exists\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_check_keyfile_unix\fP (const char *filename)" .br .RI "UNIX - Check File Status for Key\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_check_keyfile_uid_unix\fP (const char *filename, uid_t uid)" .br .RI "UNIX - Check File Status for Key\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_check_certfile_unix\fP (const char *filename)" .br .RI "UNIX - Check File Status for Cert\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_check_certfile_uid_unix\fP (const char *filename, uid_t uid)" .br .RI "UNIX - Check File Status for Cert\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_cert_dir_unix\fP (char **cert_dir)" .br .RI "UNIX - Get Trusted CA Cert Dir\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_user_cert_filename_unix\fP (char **user_cert, char **user_key)" .br .RI "UNIX - Get User Certificate and Key Filenames\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_host_cert_filename_unix\fP (char **host_cert, char **host_key)" .br .RI "UNIX - Get Host Certificate and Key Filenames\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_service_cert_filename_unix\fP (char *service_name, char **service_cert, char **service_key)" .br .RI "UNIX - Get Service Certificate and Key Filenames\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_proxy_filename_unix\fP (char **user_proxy, \fBglobus_gsi_proxy_file_type_t\fP proxy_file_type)" .br .RI "UNIX - Get Proxy Filename\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_signing_policy_filename_unix\fP (X509_NAME *ca_name, char *cert_dir, char **signing_policy_filename)" .br .RI "UNIX - Get Signing Policy Filename\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_ca_cert_files_unix\fP (char *ca_cert_dir, globus_fifo_t *ca_cert_list)" .br .RI "UNIX - Get CA Cert Filenames\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_remove_all_owned_files_unix\fP (char *default_filename)" .br .RI "UNIX - Remove all proxies owned by current uid\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_is_superuser_unix\fP (int *is_superuser)" .br .RI "UNIX - Check if the current user is root\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_gridmap_filename_unix\fP (char **filename)" .br .RI "UNIX - Get the path and file name of the grid map file\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_authz_conf_filename_unix\fP (char **filename)" .br .RI "UNIX - Get the path of authorization callback configuration\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_authz_lib_conf_filename_unix\fP (char **filename)" .br .RI "UNIX - Get the path and file name of the authorization callback configuration file\&. " .ti -1c .RI "globus_result_t \fBglobus_gsi_sysconfig_get_gaa_conf_filename_unix\fP (char **filename)" .br .RI "UNIX - Get the path and file name of the gaa configuration file\&. " .in -1c .SH "Detailed Description" .PP Functions for UNIX platforms\&. These functions implement the UNIX version of the Globus GSI System Configuration API\&. \fBThey should never be called directly, please use the provided platform independent defines\&.\fP .SH "Function Documentation" .PP .SS "globus_result_t globus_gsi_sysconfig_check_certfile_uid_unix (const char * filename, uid_t uid)" .PP UNIX - Check File Status for Cert\&. This is a convenience function used to check the status of a certificate file\&. The desired status is the current user has ownership and read/write permissions, while group and others only have read permissions\&. .PP \fBParameters\fP .RS 4 \fIfilename\fP The name of the file to check the status of .br \fIuid\fP The user id that may be the owner of the file .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if the status of the file was able to be determined\&. Otherwise, an error object identifier .RE .PP .SS "globus_result_t globus_gsi_sysconfig_check_certfile_unix (const char * filename)" .PP UNIX - Check File Status for Cert\&. This is a convenience function used to check the status of a certificate file\&. The desired status is the current user has ownership and read/write permissions, while group and others only have read permissions\&. .PP \fBParameters\fP .RS 4 \fIfilename\fP The name of the file to check the status of .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if the status of the file was able to be determined\&. Otherwise, an error object identifier .RE .PP .SS "globus_result_t globus_gsi_sysconfig_check_keyfile_uid_unix (const char * filename, uid_t uid)" .PP UNIX - Check File Status for Key\&. This is a convenience function used to check the status of a private key file\&. The desired status is only the specified user has ownership and read permissions, everyone else should not be able to access it\&. .PP \fBParameters\fP .RS 4 \fIfilename\fP The name of the file to check the status of .br \fIuid\fP The owner of the file to check the status of .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if the status of the file was able to be determined\&. Otherwise, an error object identifier .RE .PP .SS "globus_result_t globus_gsi_sysconfig_check_keyfile_unix (const char * filename)" .PP UNIX - Check File Status for Key\&. This is a convenience function used to check the status of a private key file\&. The desired status is only the current user has ownership and read permissions, everyone else should not be able to access it\&. .PP \fBParameters\fP .RS 4 \fIfilename\fP The name of the file to check the status of .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if the status of the file was able to be determined\&. Otherwise, an error object identifier .RE .PP .SS "globus_result_t globus_gsi_sysconfig_dir_exists_unix (const char * filename)" .PP UNIX - Directory Exists\&. Check if the directory exists .PP \fBParameters\fP .RS 4 \fIfilename\fP The filename of the directory to check for .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if the directory exists, otherwise an error object identifier\&. .RE .PP .SS "globus_result_t globus_gsi_sysconfig_file_exists_unix (const char * filename)" .PP UNIX - File Exists\&. Check if the file exists .PP \fBParameters\fP .RS 4 \fIfilename\fP The filename of the file to check for .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if the file exists and is readable, otherwise an error object identifier .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_authz_conf_filename_unix (char ** filename)" .PP UNIX - Get the path of authorization callback configuration\&. Get the path and file name of the authorization callback configuration file .PP \fBParameters\fP .RS 4 \fIfilename\fP Contains the location of the authorization callback configuration file upon successful return .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_authz_lib_conf_filename_unix (char ** filename)" .PP UNIX - Get the path and file name of the authorization callback configuration file\&. Get the path and file name of the authorization callback configuration file .PP \fBParameters\fP .RS 4 \fIfilename\fP Contains the location of the authorization callback configuration file upon successful return .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_ca_cert_files_unix (char * ca_cert_dir, globus_fifo_t * ca_cert_list)" .PP UNIX - Get CA Cert Filenames\&. Gets a list of trusted CA certificate filenames in a trusted CA certificate directory\&. .br .PP \fBParameters\fP .RS 4 \fIca_cert_dir\fP The trusted CA certificate directory to get the filenames from .br \fIca_cert_list\fP The resulting list of CA certificate filenames\&. This is a a globus list structure\&. .br .RE .PP \fBSee also\fP .RS 4 globus_fifo_t .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_cert_dir_unix (char ** cert_dir)" .PP UNIX - Get Trusted CA Cert Dir\&. Get the Trusted Certificate Directory containing the trusted Certificate Authority certificates\&. This directory is determined in the order shown below\&. Failure in one method results in attempting the next\&. .PP .PD 0 .IP "1." 4 \fBX509_CERT_DIR environment variable\fP - if this is set, the trusted certificates will be searched for in that directory\&. This variable allows the end user to specify the location of trusted certificates\&. .IP "2." 4 \fB$HOME/\&.globus/certificates\fP - If this directory exists, and the previous methods of determining the trusted certs directory failed, this directory will be used\&. .br .IP "3." 4 \fB/etc/grid-security/certificates\fP - This location is intended to be independent of the globus installation ($GLOBUS_LOCATION), and is generally only writeable by the host system administrator\&. .br .IP "4." 4 \fB$GLOBUS_LOCATION/share/certificates\fP .PP .PP \fBParameters\fP .RS 4 \fIcert_dir\fP The trusted certificates directory .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if no error occurred, and a sufficient trusted certificates directory was found\&. Otherwise, an error object identifier returned\&. .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_current_working_dir_unix (char ** working_dir)" .PP UNIX - Get Current Working Directory\&. Get the current working directory on the system\&. .br .PP \fBParameters\fP .RS 4 \fIworking_dir\fP The current working directory .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS or an error object identifier .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_gaa_conf_filename_unix (char ** filename)" .PP UNIX - Get the path and file name of the gaa configuration file\&. Get the path and file name of the GAA configuration file .PP \fBParameters\fP .RS 4 \fIfilename\fP Contains the location of the GAA callback configuration file upon successful return .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_gridmap_filename_unix (char ** filename)" .PP UNIX - Get the path and file name of the grid map file\&. Get the path and file name of the grid map file\&. .PP \fBParameters\fP .RS 4 \fIfilename\fP Contains the location of the grid map file upon successful return .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_home_dir_unix (char ** home_dir)" .PP UNIX - Get HOME Directory .PP Get the HOME Directory of the current user\&. Should be the $HOME environment variable\&. .PP \fBParameters\fP .RS 4 \fIhome_dir\fP The home directory of the current user .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if no error occured, otherwise an error object is returned\&. .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_host_cert_filename_unix (char ** host_cert, char ** host_key)" .PP UNIX - Get Host Certificate and Key Filenames\&. Get the Host Certificate and Key Filenames based on the current user's environment\&. The host cert and key are searched for in the following locations (in order): .PP .PD 0 .IP "1." 4 X509_USER_CERT and X509_USER_KEY environment variables .IP "2." 4 \fI$GLOBUS_LOCATION\fP/etc/host[cert|key]\&.pem .IP "3." 4 \fI$HOME\fP/\&.globus/host[cert|key]\&.pem .PP .PP \fBParameters\fP .RS 4 \fIhost_cert\fP pointer to the host certificate filename .br \fIhost_key\fP pointer to the host key filename .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if the host cert and key were found, otherwise an error object identifier is returned .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_proc_id_string_unix (char ** proc_id_string)" .PP UNIX - Get Process ID\&. Get a unique string representing the current process\&. This is just the pid converted to a string\&. .br .PP \fBParameters\fP .RS 4 \fIproc_id_string\fP A unique string representing the process .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS unless an error occurred .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_proxy_filename_unix (char ** user_proxy, \fBglobus_gsi_proxy_file_type_t\fP proxy_file_type)" .PP UNIX - Get Proxy Filename\&. Get the proxy cert filename based on the following search order: .PP .PD 0 .IP "1." 4 X509_USER_PROXY environment variable - This environment variable is set by the at run time for the specific application\&. If the proxy_file_type variable is set to GLOBUS_PROXY_OUTPUT (a proxy filename for writing is requested), and the X509_USER_PROXY is set, this will be the resulting value of the user_proxy filename string passed in\&. If the proxy_file_type is set to GLOBUS_PROXY_INPUT and X509_USER_PROXY is set, but the file it points to does not exist, or has some other readability issues, the function will continue checking using the other methods available\&. .PP .IP "2." 4 Check the default location for the proxy file of \\/tmp\\/x509_u\\ where \\ is some unique string for that user on the host .PP .PP \fBParameters\fP .RS 4 \fIuser_proxy\fP the proxy filename of the user .br \fIproxy_file_type\fP Switch for determining whether to return a existing proxy filename or if a filename suitable for creating a proxy should be returned .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS or an error object identifier .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_service_cert_filename_unix (char * service_name, char ** service_cert, char ** service_key)" .PP UNIX - Get Service Certificate and Key Filenames\&. Get the Service Certificate Filename based on the current user's environment\&. The host cert and key are searched for in the following locations (in order): .PP .PD 0 .IP "1." 4 X509_USER_CERT and X509_USER_KEY environment variables .IP "2." 4 \\/etc\\/grid-security\\/{service_name}\\/{service_name}[cert|key]\&.pem .IP "3." 4 GLOBUS_LOCATION\\/etc\\/{service_name}\\/{service_name}[cert|key]\&.pem So for example, if my service was named: myservice, the location of the certificate would be: GLOBUS_LOCATION\\/etc\\/myservice\\/myservicecert\&.pem .IP "4." 4 \\\\/\&.globus\\/{service_name}\\/{service_name}[cert|key]\&.pem .PP .PP \fBParameters\fP .RS 4 \fIservice_name\fP The name of the service which allows us to determine the locations of cert and key files to look for .br \fIservice_cert\fP pointer to the host certificate filename .br \fIservice_key\fP pointer to the host key filename .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if the service cert and key were found, otherwise an error object identifier .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_signing_policy_filename_unix (X509_NAME * ca_name, char * cert_dir, char ** signing_policy_filename)" .PP UNIX - Get Signing Policy Filename\&. Get the Signing Policy Filename on the current system, based on the CA's subject name, and the trusted certificates directory .PP \fBParameters\fP .RS 4 \fIca_name\fP The X509 subject name of the CA to get the signing policy of\&. The hash of the CA is generated from this .br \fIcert_dir\fP The trusted CA certificates directory, containing the singing_policy files of the trusted CA's\&. .br \fIsigning_policy_filename\fP The resulting singing_policy filename .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if no error occurred, otherwise an error object ID .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_user_cert_filename_unix (char ** user_cert, char ** user_key)" .PP UNIX - Get User Certificate and Key Filenames\&. Get the User Certificate Filename based on the current user's environment\&. The following locations are searched for cert and key files in order: .PP .PD 0 .IP "1." 4 environment variables X509_USER_CERT and X509_USER_KEY .IP "2." 4 $HOME/\&.globus/usercert\&.pem and $HOME/\&.globus/userkey\&.pem .IP "3." 4 $HOME/\&.globus/usercred\&.p12 - this is a PKCS12 credential .PP .PP \fBParameters\fP .RS 4 \fIuser_cert\fP pointer the filename of the user certificate .br \fIuser_key\fP pointer to the filename of the user key .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if the cert and key files were found in one of the possible locations, otherwise an error object identifier is returned .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_user_id_string_unix (char ** user_id_string)" .PP UNIX - Get User ID\&. Get a unique string representing the current user\&. This is just the uid converted to a string\&. .br .PP \fBParameters\fP .RS 4 \fIuser_id_string\fP A unique string representing the user .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS unless an error occurred .RE .PP .SS "globus_result_t globus_gsi_sysconfig_get_username_unix (char ** username)" .PP UNIX - Get Username\&. Get the username of the current user\&. .PP \fBParameters\fP .RS 4 \fIusername\fP This parameter will contain the current user name upon a successful return\&. It is the users responsibility to free memory allocated for this return value\&. .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS unless an error occurred .RE .PP .SS "globus_result_t globus_gsi_sysconfig_is_superuser_unix (int * is_superuser)" .PP UNIX - Check if the current user is root\&. Checks whether the current user is root\&. .PP \fBParameters\fP .RS 4 \fIis_superuser\fP 1 if the user is the superuser 0 if not .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned .RE .PP .SS "globus_result_t globus_gsi_sysconfig_make_absolute_path_for_filename_unix (char * filename, char ** absolute_path)" .PP UNIX - Make Absolute Path\&. Make the filename into an absolute path string based on the current working directory\&. .PP \fBParameters\fP .RS 4 \fIfilename\fP the filename to get the absolute path of\&. .br .br \fIabsolute_path\fP The resulting absolute path\&. This needs to be freed when no longer needed\&. .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned .RE .PP .SS "globus_result_t globus_gsi_sysconfig_remove_all_owned_files_unix (char * default_filename)" .PP UNIX - Remove all proxies owned by current uid\&. Removes all proxies (ie\&. all delegated and grid-proxy-init generated proxies) found in the secure tmp directory that are owned by the current user\&. .PP \fBParameters\fP .RS 4 \fIdefault_filename\fP The filename of the default proxy .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if no error occurred, otherwise an error object ID is returned .RE .PP .SS "globus_result_t globus_gsi_sysconfig_set_key_permissions_unix (char * filename)" .PP UNIX - Set Key Permissions\&. Set the file permissions of a file to read-write only by the user which are the permissions that should be set for all private keys\&. .PP \fBParameters\fP .RS 4 \fIfilename\fP .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS or an error object id .RE .PP .SS "globus_result_t globus_gsi_sysconfig_split_dir_and_filename_unix (char * full_filename, char ** dir_string, char ** filename_string)" .PP UNIX - Split Directory and Filename\&. Split the directory and filename portions of a filename string into two separate strings .PP \fBParameters\fP .RS 4 \fIfull_filename\fP The filename to split\&. Splits on the last occurrence of '/' where the directory is everything before the last '/', and the filename is everything after\&. .br \fIdir_string\fP .br The directory portion of the filename string\&. If no '/' is found throughout the string, this variable points to NULL\&. This needs to be freed when no longer needed\&. .br \fIfilename_string\fP The filename portion of the filename string\&. If no '/' is found throughout, this variable is a duplicate of the full_filename parameter\&. This needs to be freed when no longer needed\&. .RE .PP \fBReturns\fP .RS 4 GLOBUS_SUCCESS if no error occurred\&. Otherwise an error object ID is returned\&. .RE .PP .SH "Author" .PP Generated automatically by Doxygen for globus_gsi_sysconfig from the source code\&.