1/*++ 2/* NAME 3/* dot_lockfile_as 3 4/* SUMMARY 5/* dotlock file as user 6/* SYNOPSIS 7/* #include <dot_lockfile_as.h> 8/* 9/* int dot_lockfile_as(path, why, euid, egid) 10/* const char *path; 11/* VSTRING *why; 12/* uid_t euid; 13/* gid_t egid; 14/* 15/* void dot_unlockfile_as(path, euid, egid) 16/* const char *path; 17/* uid_t euid; 18/* gid_t egid; 19/* DESCRIPTION 20/* dot_lockfile_as() and dot_unlockfile_as() are wrappers around 21/* the dot_lockfile() and dot_unlockfile() routines. The routines 22/* change privilege to the designated privilege, perform the 23/* requested operation, and restore privileges. 24/* DIAGNOSTICS 25/* Fatal error: no permission to change privilege level. 26/* SEE ALSO 27/* dot_lockfile(3) dotlock file management 28/* set_eugid(3) switch effective rights 29/* LICENSE 30/* .ad 31/* .fi 32/* The Secure Mailer license must be distributed with this software. 33/* AUTHOR(S) 34/* Wietse Venema 35/* IBM T.J. Watson Research 36/* P.O. Box 704 37/* Yorktown Heights, NY 10598, USA 38/*--*/ 39 40/* System library. */ 41 42#include <sys_defs.h> 43#include <unistd.h> 44 45/* Utility library. */ 46 47#include "msg.h" 48#include "set_eugid.h" 49#include "dot_lockfile.h" 50#include "dot_lockfile_as.h" 51 52/* dot_lockfile_as - dotlock file as user */ 53 54int dot_lockfile_as(const char *path, VSTRING *why, uid_t euid, gid_t egid) 55{ 56 uid_t saved_euid = geteuid(); 57 gid_t saved_egid = getegid(); 58 int result; 59 60 /* 61 * Switch to the target user privileges. 62 */ 63 set_eugid(euid, egid); 64 65 /* 66 * Lock that file. 67 */ 68 result = dot_lockfile(path, why); 69 70 /* 71 * Restore saved privileges. 72 */ 73 set_eugid(saved_euid, saved_egid); 74 75 return (result); 76} 77 78/* dot_unlockfile_as - dotlock file as user */ 79 80void dot_unlockfile_as(const char *path, uid_t euid, gid_t egid) 81{ 82 uid_t saved_euid = geteuid(); 83 gid_t saved_egid = getegid(); 84 85 /* 86 * Switch to the target user privileges. 87 */ 88 set_eugid(euid, egid); 89 90 /* 91 * Lock that file. 92 */ 93 dot_unlockfile(path); 94 95 /* 96 * Restore saved privileges. 97 */ 98 set_eugid(saved_euid, saved_egid); 99} 100