create_file_securely(3)create_file_securely(3)NAMEcreate_file_securely - Create a file in the authentication database
(Enhanced Security)
SYNOPSIS
#include <sys/security.h> #include <prot.h>
int create_file_securely(
char *file,
int decibels,
char *purpose );
LIBRARY
Security library - libsecurity.so
PARAMETERS
The file parameter is the pathname to create. The decibels parameter
is AUTH_SILENT, AUTH_LIMITED, or AUTH_VERBOSE. Using AUTH_SILENT
blocks signals. The AUTH_LIMITED constant allows a limited amount of
dialog. Using AUTH_VERBOSE specifies that the routine should try to
wait until the file can be created (up to 100 tries, 1 second apart).
The values for decibels are as follows: AUTH_SILENT AUTH_LIMITED
AUTH_VERBOSE The purpose parameter is a tag for the audit log entry
created by the audit daemon when a file cannot be created.
DESCRIPTION
The create_file_securely() routine creates a file as specified in the
file control database, /etc/auth/system/files. It is more flexible than
coding the discretionary attributes of the file, and a further assur‐
ance that the file being created is in accordance with security con‐
cerns.
If the path to the file being created does not exist, cre‐
ate_file_securely() attempts to create the path. If each directory in
the path is not defined in the file control database, cre‐
ate_file_securely() fails and returns CFS_NO_FILE_CONTROL_ENTRY.
RETURN VALUES
The create_file_securely routine returns the following values:
CFS_GOOD_RETURN CFS_CAN_NOT_OPEN_FILE CFS_NO_FILE_CONTROL_ENTRY
FS_CAN_NOT_CHG_MODE CFS_CAN_NOT_CHG_OWNER_GROUP
FILES
The file control database.
SEE ALSO
Files: files(4)create_file_securely(3)