getobjattr Subroutine

Edit online

Purpose

Queries the object security information defined in the domain-assigned object database.

Library

Security Library (libc.a)

Syntax

#include <usersec.h>
int getobjattr ( Obj, Attribute, Value, Type)
char * Obj;
char * Attribute;
void *Value;
int Type;

Description

The getobjattr subroutine reads a specified attribute from the domain-assigned object database. If the database is not open, this subroutine does an implicit open for reading. For attributes of the SEC_CHAR and SEC_LIST types, the getobjattr subroutine returns the value to the allocated memory. The caller must free this allocated memory.

Parameters

Item Description
Obj Specifies the object name.
Attribute Specifies the attribute to read. The following possible attributes are defined in the usersec.h file:
  • S_DOMAINS

    The list of domains to which the object belongs. The attribute type is SEC_LIST.

  • S_CONFSETS

    The list of domains that are excluded from accessing the object. The attribute type is SEC_LIST

  • S_TYPE
    The type of the object. Valid values are:
    • S_NETINT

      For Network interfaces

    • S_FILE

      For file based objects. The object name should be the absolute path

    • S_DEVICE

      For Devices. The absolute path should be specified.

    • S_NETPORT

      For port and port ranges

    The attribute type is SEC_CHAR.
  • S_SECFLAGS

    The security flags for the object. The valid values are FSF_DOM_ALL and FSF_DOM_ANY. The attribute type is SEC_INT.
Value

Specifies a pointer, or a pointer to a pointer according to the value specified in the Attribute and Type parameters. See the Type parameter for more details.

Type The Type parameter specifies the type of the attribute. The following valid types are defined in the usersec.h file:

SEC_INT

The format of the attribute is an integer. For the subroutine, you must provide a pointer to a defined integer variable.

SEC_LIST

The format of the attribute is a series of concatenated strings each of which is null-terminated. The last string in the series is terminated by two successive null characters. For the subroutine, you must supply a pointer to a defined character pointer variable. The caller must free this memory.

Security

Files Accessed:

Item Description
File Mode 
/etc/security/domobjs
 
rw

Return Values

If successful, the getobjattr subroutine returns zero. Otherwise, a value of -1 is returned and the errno global value is set to indicate the error.

Error Codes

Item Description
EINVAL

The Obj parameter is NULL.

The Attribute or Type parameter is NULL or does not contain one of the defined values.

The Obj parameter is ALL and the Attribute parameter is not S_DOMAINS.

The Value parameter does not point to a valid buffer for this type of attribute.
ENOATTR The Attribute parameter is S_DOMAINS, but the Obj parameter is not ALL.

The attribute specified in the Attribute parameter is valid but no value is defined for the object.
ENOENT

The object specified in the Obj parameter does not exist.
ENOMEM Memory cannot be allocated.
EPERM The operation is not permitted.
EACCES Access permission is denied for the data request.