tcb Subroutine

Purpose

Alters the Trusted Computing Base (TCB) status of a file.

Library

Security Library (libc.a)

Syntax

#include <sys/tcb.h>

int tcb ( Path Flag)
char *Path;
int Flag;

Description

The tcb subroutine provides a mechanism to query or set the TCB attributes of a file.

This subroutine is not safe for use with multiple threads. To call this subroutine from a threaded application, enclose the call with the _libs_rmutex lock. See "Making a Subroutine Safe for Multiple Threads" in AIX® Version 7.1 General Programming Concepts: Writing and Debugging Programs for more information about this lock.

Parameters

Item Description
Path Specifies the path name of the file whose TCB status is to be changed.
Flag Specifies the function to be performed. Valid values are defined in the sys/tcb.h file and include the following:
TCB_ON
Enables the TCB attribute of a file.
TCB_OFF
Disables the Trusted Process and TCB attributes of a file.
TCB_QUERY
Queries the TCB status of a file. This function returns one of the preceding values.

Return Values

Upon successful completion, the tcb subroutine returns a value of 0 if the Flags parameter is either TCB_ON or TCB_OFF. If the Flags parameter is TCB_QUERY, the current status is returned. If the tcb subroutine fails, a value of -1 is returned and the errno global variable is set to indicate the error.

Error Codes

The tcb subroutine fails if one of the following is true:

Item Description
EINVAL The Flags parameter is not one of TCB_ON, TCB_OFF, or TCB_QUERY.
EPERM Not authorized to perform this operation.
ENOENT The file specified by the Path parameter does not exist.
EROFS The file system is read-only.
EBUSY The file specified by the Path parameter is currently open for writing.
EACCES Access permission is denied for the file specified by the Path parameter.

Security

Access Control: The calling process must have search permission for the object named by the Path parameter. Only the root user can set the tcb attributes of a file.