table of contents
other versions
- wheezy 5.2-1
- wheezy-backports 6.8-3~bpo70+1
- jessie 6.8-3
- testing 6.11-1
- unstable 6.11-1
Functions for UNIX platforms(3) | globus gsi sysconfig | Functions for UNIX platforms(3) |
NAME¶
Functions for UNIX platforms -UNIX - Set Key Permissions¶
globus_result_t globus_gsi_sysconfig_set_key_permissions_unix (char *filename)
UNIX - Get User ID¶
globus_result_t globus_gsi_sysconfig_get_user_id_string_unix (char **user_id_string)
UNIX - Get Username¶
globus_result_t globus_gsi_sysconfig_get_username_unix (char **username)
UNIX - Get Process ID¶
globus_result_t globus_gsi_sysconfig_get_proc_id_string_unix (char **proc_id_string)
UNIX - Make Absolute Path¶
globus_result_t globus_gsi_sysconfig_make_absolute_path_for_filename_unix (char *filename, char **absolute_path)
UNIX - Split Directory and Filename¶
globus_result_t globus_gsi_sysconfig_split_dir_and_filename_unix (char *full_filename, char **dir_string, char **filename_string)
UNIX - Get Current Working Directory¶
globus_result_t globus_gsi_sysconfig_get_current_working_dir_unix (char **working_dir)
UNIX - Get HOME Directory¶
globus_result_t globus_gsi_sysconfig_get_home_dir_unix (char **home_dir)
UNIX - File Exists¶
globus_result_t globus_gsi_sysconfig_file_exists_unix (const char *filename)
UNIX - Directory Exists¶
globus_result_t globus_gsi_sysconfig_dir_exists_unix (const char *filename)
UNIX - Check File Status for Key¶
globus_result_t globus_gsi_sysconfig_check_keyfile_unix (const char *filename)
UNIX - Check File Status for Cert¶
globus_result_t globus_gsi_sysconfig_check_certfile_unix (const char *filename)
UNIX - Get Trusted CA Cert Dir¶
globus_result_t globus_gsi_sysconfig_get_cert_dir_unix (char **cert_dir)
UNIX - Get User Certificate and Key Filenames¶
globus_result_t globus_gsi_sysconfig_get_user_cert_filename_unix (char **user_cert, char **user_key)
UNIX - Get Host Certificate and Key Filenames¶
globus_result_t globus_gsi_sysconfig_get_host_cert_filename_unix (char **host_cert, char **host_key)
UNIX - Get Service Certificate and Key Filenames¶
globus_result_t globus_gsi_sysconfig_get_service_cert_filename_unix (char *service_name, char **service_cert, char **service_key)
UNIX - Get Proxy Filename¶
globus_result_t globus_gsi_sysconfig_get_proxy_filename_unix (char **user_proxy, globus_gsi_proxy_file_type_t proxy_file_type)
UNIX - Get Signing Policy Filename¶
globus_result_t globus_gsi_sysconfig_get_signing_policy_filename_unix (X509_NAME *ca_name, char *cert_dir, char **signing_policy_filename)
UNIX - Get CA Cert Filenames¶
globus_result_t globus_gsi_sysconfig_get_ca_cert_files_unix (char *ca_cert_dir, globus_fifo_t *ca_cert_list)
UNIX - Remove all proxies owned by current uid¶
globus_result_t globus_gsi_sysconfig_remove_all_owned_files_unix (char *default_filename)
UNIX - Check if the current user is root¶
globus_result_t globus_gsi_sysconfig_is_superuser_unix (int *is_superuser)
UNIX - Get the path and file name of the grid map file¶
globus_result_t globus_gsi_sysconfig_get_gridmap_filename_unix (char **filename)
UNIX - Get the path and file name of the authorization callback configuration file¶
globus_result_t globus_gsi_sysconfig_get_authz_conf_filename_unix (char **filename)
UNIX - Get the path and file name of the gaa configuration file¶
globus_result_t globus_gsi_sysconfig_get_gaa_conf_filename_unix (char **filename)
Detailed Description¶
These functions implement the UNIX version of the Globus GSI System Configuration API.Function Documentation¶
globus_result_t globus_gsi_sysconfig_set_key_permissions_unix (char *filename)¶
Set the file permissions of a file to read-write only by the user which are the permissions that should be set for all private keys. Parameters:filename
Returns:
GLOBUS_SUCCESS or an error object id
globus_result_t globus_gsi_sysconfig_get_user_id_string_unix (char **user_id_string)¶
Get a unique string representing the current user. This is just the uid converted to a string. Parameters:user_id_string A unique string
representing the user
Returns:
GLOBUS_SUCCESS unless an error occurred
globus_result_t globus_gsi_sysconfig_get_username_unix (char **username)¶
Get the username of the current user. Parameters:username This parameter will contain
the current user name upon a successful return. It is the users responsibility
to free memory allocated for this return value.
Returns:
GLOBUS_SUCCESS unless an error occurred
globus_result_t globus_gsi_sysconfig_get_proc_id_string_unix (char **proc_id_string)¶
Get a unique string representing the current process. This is just the pid converted to a string. Parameters:proc_id_string A unique string
representing the process
Returns:
GLOBUS_SUCCESS unless an error occurred
globus_result_t globus_gsi_sysconfig_make_absolute_path_for_filename_unix (char *filename, char **absolute_path)¶
Make the filename into an absolute path string based on the current working directory. Parameters:filename the filename to get the
absolute path of.
absolute_path The resulting absolute path. This needs to be freed when no
longer needed.
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise
an error object ID is returned
globus_result_t globus_gsi_sysconfig_split_dir_and_filename_unix (char *full_filename, char **dir_string, char **filename_string)¶
Split the directory and filename portions of a filename string into two separate strings. Parameters:full_filename The filename to split.
Splits on the last occurrance of '/' where the directory is everything before
the last '/', and the filename is everything after.
dir_string The directory portion of the filename string. If no '/' is
found throughout the string, this variable points to NULL. This needs to be
freed when no longer needed.
filename_string The filename portion of the filename string. If no '/' is
found throughout, this variable is a duplicate of the full_filename parameter.
This needs to be freed when no longer needed.
Returns:
GLOBUS_SUCCESS if no error occurred. Otherwise
an error object ID is returned.
globus_result_t globus_gsi_sysconfig_get_current_working_dir_unix (char **working_dir)¶
Get the current working directory on the system. Parameters:working_dir The current working
directory
Returns:
GLOBUS_SUCCESS or an error object
identifier
globus_result_t globus_gsi_sysconfig_get_home_dir_unix (char **home_dir)¶
Get the HOME Directory of the current user. Should be the $HOME environment variable. Parameters:home_dir The home directory of the
current user
Returns:
GLOBUS_SUCCESS if no error occured, otherwise
an error object is returned.
globus_result_t globus_gsi_sysconfig_file_exists_unix (const char *filename)¶
Check if the file exists. Parameters:filename The filename of the file to
check for
Returns:
GLOBUS_SUCCESS if the file exists and is
readable, otherwise an error object identifier
globus_result_t globus_gsi_sysconfig_dir_exists_unix (const char *filename)¶
Check if the directory exists. Parameters:filename The filename of the directory
to check for
Returns:
GLOBUS_SUCCESS if the directory exists,
otherwise an error object identifier.
globus_result_t globus_gsi_sysconfig_check_keyfile_unix (const char *filename)¶
This is a convenience function used to check the status of a private key file. The desired status is only the current user has ownership and read permissions, everyone else should not be able to access it. Parameters:filename The name of the file to check
the status of
Returns:
GLOBUS_SUCCESS if the status of the file was
able to be determined. Otherwise, an error object identifier
globus_result_t globus_gsi_sysconfig_check_certfile_unix (const char *filename)¶
This is a convenience function used to check the status of a certificate file. The desired status is the current user has ownership and read/write permissions, while group and others only have read permissions. Parameters:filename The name of the file to check
the status of
Returns:
GLOBUS_SUCCESS if the status of the file was
able to be determined. Otherwise, an error object identifier
globus_result_t globus_gsi_sysconfig_get_cert_dir_unix (char **cert_dir)¶
Get the Trusted Certificate Directory containing the trusted Certificate Authority certificates. This directory is determined in the order shown below. Failure in one method results in attempting the next.- 1.
- X509_CERT_DIR environment variable - if this is set, the trusted certificates will be searched for in that directory. This variable allows the end user to specify the location of trusted certificates.
- 2.
- $HOME/.globus/certificates - If this directory exists, and the previous methods of determining the trusted certs directory failed, this directory will be used.
- 3.
- /etc/grid-security/certificates - This location is intended to be independent of the globus installation ($GLOBUS_LOCATION), and is generally only writeable by the host system administrator.
- 4.
- $GLOBUS_LOCATION/share/certificates
cert_dir The trusted certificates
directory
Returns:
GLOBUS_SUCCESS if no error occurred, and a
sufficient trusted certificates directory was found. Otherwise, an error
object identifier returned.
globus_result_t globus_gsi_sysconfig_get_user_cert_filename_unix (char **user_cert, char **user_key)¶
Get the User Certificate Filename based on the current user's environment. The following locations are searched for cert and key files in order:- 1.
- environment variables X509_USER_CERT and X509_USER_KEY
- 2.
- $HOME/.globus/usercert.pem and $HOME/.globus/userkey.pem
- 3.
- $HOME/.globus/usercred.p12 - this is a PKCS12 credential
user_cert pointer the filename of the
user certificate
user_key pointer to the filename of the user key
Returns:
GLOBUS_SUCCESS if the cert and key files were
found in one of the possible locations, otherwise an error object identifier
is returned
globus_result_t globus_gsi_sysconfig_get_host_cert_filename_unix (char **host_cert, char **host_key)¶
Get the Host Certificate and Key Filenames based on the current user's environment. The host cert and key are searched for in the following locations (in order):- 1.
- X509_USER_CERT and X509_USER_KEY environment variables
- 2.
- registry keys x509_user_cert and x509_user_key in software\Globus\GSI
- 3.
- \<GLOBUS_LOCATION\>\etc\host[cert|key].pem
- 4.
- \<users home directory\>\.globus\host[cert|key].pem
host_cert pointer to the host
certificate filename
host_key pointer to the host key filename
Returns:
GLOBUS_SUCCESS if the host cert and key were
found, otherwise an error object identifier is returned
globus_result_t globus_gsi_sysconfig_get_service_cert_filename_unix (char *service_name, char **service_cert, char **service_key)¶
Get the Service Certificate Filename based on the current user's environment. The host cert and key are searched for in the following locations (in order):- 1.
- X509_USER_CERT and X509_USER_KEY environment variables
- 2.
- \/etc\/grid-security\/{service_name}\/{service_name}[cert|key].pem
- 3.
- GLOBUS_LOCATION\/etc\/{service_name}\/{service_name}[cert|key].pem So for example, if my service was named: myservice, the location of the certificate would be: GLOBUS_LOCATION\/etc\/myservice\/myservicecert.pem
- 4.
- \<users home\>\/.globus\/{service_name}\/{service_name}[cert|key].pem
service_name The name of the service
which allows us to determine the locations of cert and key files to look for
service_cert pointer to the host certificate filename
service_key pointer to the host key filename
Returns:
GLOBUS_SUCCESS if the service cert and key
were found, otherwise an error object identifier
globus_result_t globus_gsi_sysconfig_get_proxy_filename_unix (char **user_proxy, globus_gsi_proxy_file_type_tproxy_file_type)¶
Get the proxy cert filename based on the following search order: .PD 0- 1.
- X509_USER_PROXY environment variable - This environment variable is set by the at run time for the specific application. If the proxy_file_type variable is set to GLOBUS_PROXY_OUTPUT (a proxy filename for writing is requested), and the X509_USER_PROXY is set, this will be the resulting value of the user_proxy filename string passed in. If the proxy_file_type is set to GLOBUS_PROXY_INPUT and X509_USER_PROXY is set, but the file it points to does not exist, or has some other readability issues, the function will continue checking using the other methods available.
- 2.
- Check the default location for the proxy file of \/tmp\/x509_u\<user_id\> where \<user id\> is some unique string for that user on the host
user_proxy the proxy filename of the
user
proxy_file_type Switch for determining whether to return a existing proxy
filename or if a filename suitable for creating a proxy should be
returned
Returns:
GLOBUS_SUCCESS or an error object
identifier
globus_result_t globus_gsi_sysconfig_get_signing_policy_filename_unix (X509_NAME *ca_name, char *cert_dir, char **signing_policy_filename)¶
Get the Signing Policy Filename on the current system, based on the CA's subject name, and the trusted certificates directory. Parameters:ca_name The X509 subject name of the CA
to get the signing policy of. The hash of the CA is generated from this
cert_dir The trusted CA certificates directory, containing the
singing_policy files of the trusted CA's.
signing_policy_filename The resulting singing_policy filename
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise
an error object ID
globus_result_t globus_gsi_sysconfig_get_ca_cert_files_unix (char *ca_cert_dir, globus_fifo_t *ca_cert_list)¶
Gets a list of trusted CA certificate filenames in a trusted CA certificate directory. Parameters:ca_cert_dir The trusted CA certificate
directory to get the filenames from
ca_cert_list The resulting list of CA certificate filenames. This is a a
globus list structure.
See also:
globus_fifo_t
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise
an error object ID is returned
globus_result_t globus_gsi_sysconfig_remove_all_owned_files_unix (char *default_filename)¶
Removes all proxies (ie. all delegated and grid-proxy-init generated proxies) found in the secure tmp directory that are owned by the current user. Parameters:default_filename The filename of the
default proxy
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise
an error object ID is returned
globus_result_t globus_gsi_sysconfig_is_superuser_unix (int *is_superuser)¶
Checks whether the current user is root. Parameters:is_superuser 1 if the user is the
superuser 0 if not
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise
an error object ID is returned
globus_result_t globus_gsi_sysconfig_get_gridmap_filename_unix (char **filename)¶
Get the path and file name of the grid map file. Parameters:filename Contains the location of the
grid map file upon successful return
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise
an error object ID is returned
globus_result_t globus_gsi_sysconfig_get_authz_conf_filename_unix (char **filename)¶
Get the path and file name of the authorization callback configuration file. Parameters:filename Contains the location of the
authorization callback configuration file upon successful return
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise
an error object ID is returned
globus_result_t globus_gsi_sysconfig_get_authz_lib_conf_filename_unix (char **filename)¶
Get the path and file name of the authorization callback configuration file. Parameters:filename Contains the location of the
authorization callback configuration file upon successful return
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise
an error object ID is returned
globus_result_t globus_gsi_sysconfig_get_gaa_conf_filename_unix (char **filename)¶
Get the path and file name of the GAA configuration file. Parameters:filename Contains the location of the
GAA callback configuration file upon successful return
Returns:
GLOBUS_SUCCESS if no error occurred, otherwise
an error object ID is returned
Author¶
Generated automatically by Doxygen for globus gsi sysconfig from the source code.Mon Apr 30 2012 | Version 5.2 |