Museum

Home

Lab Overview

Retrotechnology Articles

Online Manuals

⇒ creatfs(S) — OpenDesktop Software Development System 3.0.0

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

getprfient(S)

files(F)


 create_file_securely(S)        6 January 1993        create_file_securely(S)


 Name

    create_file_securely - create a file using an attribute specification
    from the file control database

 Syntax


    cc  . . .  -lprot    -lx


    #include <sys/types.h>
    #include <prot.h>

    int create_file_securely (path, mode, purpose)
    char *path;
    int mode;
    char *purpose;


 Description

    createfilesecurely(S) is used to create a file and to assign to that
    file attributes specified for it in the file control database,
    /etc/auth/system/files.  Attributes that may be specified for a file con-
    trol database entry that are used by this routine include:


    fowner  Owner of the file

    fgroup  Group of the file

    fmode   File permission bits

    Other attributes supported by the file control database have no effect
    during the creation of a file but are intended for use by programs such
    as integrity(ADM).

    The path argument is the name of a file to be created using attributes
    from the file control database. The file name should match exactly a file
    name entry in the file control database.

    mode is either AUTHSILENT or AUTHVERBOSE. AUTHVERBOSE mode results in
    signals being blocked until the routine is finished and also will result
    in the generation of audit records for failure conditions. Additionally,
    since the routine is used to create temporary files on behalf of callers,
    a temporary file may already exist at the time the routine is invoked.
    The use of AUTHVERBOSE mode allows the routine to wait for any existing
    temporary file to be removed, using an adaptive time-out/retry mechanism.
    This allows synchronization of simultaneous database updates.  If the
    mode is specified as AUTHSILENT, signals are not blocked by the routine
    nor are audit records generated when an operation fails. Additionally, if
    the entry refers to a temporary file and that file already exists, no
    attempt is made to wait until it is removed.

    The purpose argument is a pointer to a string identifying the reason for
    using the routine to create the file. This string is used as part of
    audit record when the mode is AUTHVERBOSE.

    The routine sets the attributes of the file according to a specific
    sequence designed to minimize the need for the calling process to have
    certain effective privileges. The file is first created using the OEXCL
    option and the open(S) system call. This will fail if the file already
    exists.  Once the file has been created, it is closed since certain
    attributes can only be set on the file if the file is not in use. If the
    file control database entry does not specify an owner, the owner of the
    file will be set to the real user id of the process. Likewise, if the
    entry does not specify the file group, it is set to the real group id of
    the process. If a value for mode is not specified for the file, then mode
    will be set to its default value, 0.

    The file permissions are set according to the file control database
    entry, if a value is present, or to a mode of 0.  This is done using the
    chmod(S) system call while the file is still owned by the calling user.

    Lastly, the owner and group of the file are set using the chown(S) system
    call.

 Diagnostics

    createfilesecurely(S) returns a status code that provides detailed in-
    formation on the result of the create operation. The return codes are:


    CFSGOODRETURN
                The file was created successfully and all of the attributes
                specified in the file control database entry were success-
                fully set on the new file.

    CFSCANNOTOPENFILE
                The routine was unable to create the file identified by path.

    CFSNOFILECONTROLENTRY
                There was not a file control database entry for path.

    CFSCANNOTCHGMODE
                The permissions specified by the file control database could
                not be set on the created file.

    CFSCANNOTCHGOWNERGROUP
                The owner/group specified in the file control database entry
                could not be set for the created file.

    If the file can not be created or an attempt to set any of the attributes
    specified by the file control database entry fails, the routine will
    return one of the above failure codes. If the failure resulted from the
    inability to set an attribute on the created file, the file is also
    removed before returning.

 Note

    Programs using this routine must be compiled with -lprot or -lprots,
    together with -lx.

 See also

    getprfient(S), files(F).

 Standards conformance

    createfilesecurely(S) is not part of any currently supported standard;
    it is an extension of AT&T System V provided by the Santa Cruz Operation.


Typewritten Software • bear@typewritten.org • Edmonds, WA 98026