1 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
2 /* lib/krb5/os/krbfileio.c */
3 /*
4 * Copyright (c) Hewlett-Packard Company 1991
5 * Released to the Massachusetts Institute of Technology for inclusion
6 * in the Kerberos source code distribution.
7 *
8 * Copyright 1991 by the Massachusetts Institute of Technology.
9 * All Rights Reserved.
10 *
11 * Export of this software from the United States of America may
12 * require a specific license from the United States Government.
13 * It is the responsibility of any person or organization contemplating
14 * export to obtain such a license before exporting.
15 *
16 * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
17 * distribute this software and its documentation for any purpose and
18 * without fee is hereby granted, provided that the above copyright
19 * notice appear in all copies and that both that copyright notice and
20 * this permission notice appear in supporting documentation, and that
21 * the name of M.I.T. not be used in advertising or publicity pertaining
22 * to distribution of the software without specific, written prior
23 * permission. Furthermore if you modify this software you must label
24 * your software as modified software and not distribute it in such a
25 * fashion that it might be confused with the original M.I.T. software.
26 * M.I.T. makes no representations about the suitability of
27 * this software for any purpose. It is provided "as is" without express
28 * or implied warranty.
29 */
30
#ifdef MODULE_VERSION_ID
/* Version identification string, compiled in only when MODULE_VERSION_ID is
 * defined.  The "@(#)" prefix is the marker that what(1) searches for. */
static char *VersionID = "@(#)krbfileio.c 2 - 08/22/91";
#endif
34
35
36 #include "k5-int.h"
37 #include "os-proto.h"
38 #ifdef HAVE_SYS_FILE_H
39 #include <sys/file.h>
40 #endif
41 #include <fcntl.h>
42
/* Where the platform headers do not provide O_BINARY, define it as 0 so that
 * ORing it into the open flags below has no effect. */
#ifndef O_BINARY
#define O_BINARY 0
#endif

/* On Apollo builds the mode given at file creation is not relied upon;
 * k5_create_secure_file() then sets the owner and mode explicitly on the
 * freshly opened descriptor. */
#ifdef apollo
# define OPEN_MODE_NOT_TRUSTWORTHY
#endif
50
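/*
 * Create a new, empty file at pathname with access restricted to its owner.
 *
 * The file is created with O_CREAT | O_EXCL and mode 0600, so the call fails
 * instead of reusing something that already exists at pathname (assuming
 * THREEPARAMOPEN maps to open(2), this includes a symbolic link placed
 * there).  The descriptor is closed again before returning.
 *
 * context is not used by this function.
 *
 * Returns 0 on success, or the errno value of the call that failed.
 */
krb5_error_code
k5_create_secure_file(krb5_context context, const char *pathname)
{
    int fd;

    /*
     * Create the file with access restricted to the owner
     */
    fd = THREEPARAMOPEN(pathname, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600);
    if (fd < 0)
        return errno;

#ifdef OPEN_MODE_NOT_TRUSTWORTHY
    /*
     * Some systems that support default acl inheritance do not
     * apply ownership information from the process - force the file
     * to have the proper info.
     */
    {
        int err = 0;

        if (fchown(fd, getuid(), getgid()) != 0)
            err = errno;

        /* Still tighten the mode when fchown() failed, then report the
         * first error: a file whose owner or mode could not be enforced
         * must not be reported to the caller as secure. */
        if (fchmod(fd, 0600) != 0 && err == 0)
            err = errno;

        if (err != 0) {
            /* The file created above is left in place; the caller sees
             * the error and decides what to do with the path. */
            close(fd);
            return err;
        }
    }
#endif /* OPEN_MODE_NOT_TRUSTWORTHY */

    close(fd);
    return 0;
}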
87
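/*
 * Flush the stdio buffer of fp and ask the operating system to commit the
 * underlying file to disk.
 *
 * fsync() is skipped when MSDOS_FILESYSTEM is defined; in that build only
 * the stdio flush is performed.
 *
 * context is not used by this function.
 *
 * Returns 0 on success, or the errno value left by fflush() or fsync().
 */
krb5_error_code
k5_sync_disk_file(krb5_context context, FILE *fp)
{
    /* A failed flush means buffered data never reached the descriptor, so
     * the fsync() below could succeed without that data being on disk.
     * Report it rather than returning success. */
    if (fflush(fp) == EOF)
        return errno;
#if !defined(MSDOS_FILESYSTEM)
    if (fsync(fileno(fp)) != 0)
        return errno;
#endif

    return 0;
}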
100