1/* $NetBSD$ */ 2 3/*++ 4/* NAME 5/* dot_lockfile_as 3 6/* SUMMARY 7/* dotlock file as user 8/* SYNOPSIS 9/* #include <dot_lockfile_as.h> 10/* 11/* int dot_lockfile_as(path, why, euid, egid) 12/* const char *path; 13/* VSTRING *why; 14/* uid_t euid; 15/* gid_t egid; 16/* 17/* void dot_unlockfile_as(path, euid, egid) 18/* const char *path; 19/* uid_t euid; 20/* gid_t egid; 21/* DESCRIPTION 22/* dot_lockfile_as() and dot_unlockfile_as() are wrappers around 23/* the dot_lockfile() and dot_unlockfile() routines. The routines 24/* change privilege to the designated privilege, perform the 25/* requested operation, and restore privileges. 26/* DIAGNOSTICS 27/* Fatal error: no permission to change privilege level. 28/* SEE ALSO 29/* dot_lockfile(3) dotlock file management 30/* set_eugid(3) switch effective rights 31/* LICENSE 32/* .ad 33/* .fi 34/* The Secure Mailer license must be distributed with this software. 35/* AUTHOR(S) 36/* Wietse Venema 37/* IBM T.J. Watson Research 38/* P.O. Box 704 39/* Yorktown Heights, NY 10598, USA 40/*--*/ 41 42/* System library. */ 43 44#include <sys_defs.h> 45#include <unistd.h> 46 47/* Utility library. */ 48 49#include "msg.h" 50#include "set_eugid.h" 51#include "dot_lockfile.h" 52#include "dot_lockfile_as.h" 53 54/* dot_lockfile_as - dotlock file as user */ 55 56int dot_lockfile_as(const char *path, VSTRING *why, uid_t euid, gid_t egid) 57{ 58 uid_t saved_euid = geteuid(); 59 gid_t saved_egid = getegid(); 60 int result; 61 62 /* 63 * Switch to the target user privileges. 64 */ 65 set_eugid(euid, egid); 66 67 /* 68 * Lock that file. 69 */ 70 result = dot_lockfile(path, why); 71 72 /* 73 * Restore saved privileges. 74 */ 75 set_eugid(saved_euid, saved_egid); 76 77 return (result); 78} 79 80/* dot_unlockfile_as - dotlock file as user */ 81 82void dot_unlockfile_as(const char *path, uid_t euid, gid_t egid) 83{ 84 uid_t saved_euid = geteuid(); 85 gid_t saved_egid = getegid(); 86 87 /* 88 * Switch to the target user privileges. 89 */ 90 set_eugid(euid, egid); 91 92 /* 93 * Lock that file. 94 */ 95 dot_unlockfile(path); 96 97 /* 98 * Restore saved privileges. 99 */ 100 set_eugid(saved_euid, saved_egid); 101} 102