]>
Commit | Line | Data |
---|---|---|
3802a3d3 | 1 | <?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*--> |
cd6d5e1c | 2 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" |
12b42c76 | 3 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> |
cd6d5e1c ZJS |
4 | |
5 | <!-- | |
572eb058 ZJS |
6 | SPDX-License-Identifier: LGPL-2.1+ |
7 | ||
5de0ccff | 8 | This file is part of systemd. |
cd6d5e1c | 9 | |
5de0ccff | 10 | Copyright 2014 Zbigniew Jędrzejewski-Szmek |
cd6d5e1c ZJS |
11 | --> |
12 | ||
7d6b2723 | 13 | <refentry id="sd_bus_creds_get_pid" xmlns:xi="http://www.w3.org/2001/XInclude"> |
cd6d5e1c ZJS |
14 | |
15 | <refentryinfo> | |
16 | <title>sd_bus_creds_get_pid</title> | |
17 | <productname>systemd</productname> | |
18 | ||
19 | <authorgroup> | |
20 | <author> | |
21 | <contrib>A monkey with a typewriter</contrib> | |
22 | <firstname>Zbigniew</firstname> | |
23 | <surname>Jędrzejewski-Szmek</surname> | |
24 | <email>zbyszek@in.waw.pl</email> | |
25 | </author> | |
26 | </authorgroup> | |
27 | </refentryinfo> | |
28 | ||
29 | <refmeta> | |
30 | <refentrytitle>sd_bus_creds_get_pid</refentrytitle> | |
31 | <manvolnum>3</manvolnum> | |
32 | </refmeta> | |
33 | ||
34 | <refnamediv> | |
35 | <refname>sd_bus_creds_get_pid</refname> | |
52d7c4dc | 36 | <refname>sd_bus_creds_get_ppid</refname> |
cd6d5e1c ZJS |
37 | <refname>sd_bus_creds_get_tid</refname> |
38 | <refname>sd_bus_creds_get_uid</refname> | |
52d7c4dc LP |
39 | <refname>sd_bus_creds_get_euid</refname> |
40 | <refname>sd_bus_creds_get_suid</refname> | |
41 | <refname>sd_bus_creds_get_fsuid</refname> | |
cd6d5e1c | 42 | <refname>sd_bus_creds_get_gid</refname> |
52d7c4dc LP |
43 | <refname>sd_bus_creds_get_egid</refname> |
44 | <refname>sd_bus_creds_get_sgid</refname> | |
45 | <refname>sd_bus_creds_get_fsgid</refname> | |
46 | <refname>sd_bus_creds_get_supplementary_gids</refname> | |
cd6d5e1c ZJS |
47 | <refname>sd_bus_creds_get_comm</refname> |
48 | <refname>sd_bus_creds_get_tid_comm</refname> | |
49 | <refname>sd_bus_creds_get_exe</refname> | |
50 | <refname>sd_bus_creds_get_cmdline</refname> | |
51 | <refname>sd_bus_creds_get_cgroup</refname> | |
52 | <refname>sd_bus_creds_get_unit</refname> | |
cd6d5e1c | 53 | <refname>sd_bus_creds_get_slice</refname> |
f6f7a984 LP |
54 | <refname>sd_bus_creds_get_user_unit</refname> |
55 | <refname>sd_bus_creds_get_user_slice</refname> | |
cd6d5e1c ZJS |
56 | <refname>sd_bus_creds_get_session</refname> |
57 | <refname>sd_bus_creds_get_owner_uid</refname> | |
58 | <refname>sd_bus_creds_has_effective_cap</refname> | |
59 | <refname>sd_bus_creds_has_permitted_cap</refname> | |
60 | <refname>sd_bus_creds_has_inheritable_cap</refname> | |
61 | <refname>sd_bus_creds_has_bounding_cap</refname> | |
62 | <refname>sd_bus_creds_get_selinux_context</refname> | |
63 | <refname>sd_bus_creds_get_audit_session_id</refname> | |
64 | <refname>sd_bus_creds_get_audit_login_uid</refname> | |
52d7c4dc | 65 | <refname>sd_bus_creds_get_tty</refname> |
cd6d5e1c ZJS |
66 | <refname>sd_bus_creds_get_unique_name</refname> |
67 | <refname>sd_bus_creds_get_well_known_names</refname> | |
52d7c4dc | 68 | <refname>sd_bus_creds_get_description</refname> |
cd6d5e1c ZJS |
69 | |
70 | <refpurpose>Retrieve fields from a credentials object</refpurpose> | |
71 | </refnamediv> | |
72 | ||
73 | <refsynopsisdiv> | |
74 | <funcsynopsis> | |
75 | <funcsynopsisinfo>#include <systemd/sd-bus.h></funcsynopsisinfo> | |
76 | ||
77 | <funcprototype> | |
78 | <funcdef>int <function>sd_bus_creds_get_pid</function></funcdef> | |
8dc385e7 | 79 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
80 | <paramdef>pid_t *<parameter>pid</parameter></paramdef> |
81 | </funcprototype> | |
82 | ||
52d7c4dc LP |
83 | <funcprototype> |
84 | <funcdef>int <function>sd_bus_creds_get_ppid</function></funcdef> | |
85 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> | |
86 | <paramdef>pid_t *<parameter>ppid</parameter></paramdef> | |
87 | </funcprototype> | |
88 | ||
cd6d5e1c ZJS |
89 | <funcprototype> |
90 | <funcdef>int <function>sd_bus_creds_get_tid</function></funcdef> | |
8dc385e7 | 91 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
92 | <paramdef>pid_t *<parameter>tid</parameter></paramdef> |
93 | </funcprototype> | |
94 | ||
95 | <funcprototype> | |
52d7c4dc LP |
96 | <funcdef>int <function>sd_bus_creds_get_uid</function></funcdef> |
97 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> | |
98 | <paramdef>uid_t *<parameter>uid</parameter></paramdef> | |
99 | </funcprototype> | |
100 | ||
101 | <funcprototype> | |
102 | <funcdef>int <function>sd_bus_creds_get_euid</function></funcdef> | |
103 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> | |
104 | <paramdef>uid_t *<parameter>uid</parameter></paramdef> | |
105 | </funcprototype> | |
106 | ||
107 | <funcprototype> | |
108 | <funcdef>int <function>sd_bus_creds_get_suid</function></funcdef> | |
109 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> | |
110 | <paramdef>uid_t *<parameter>uid</parameter></paramdef> | |
111 | </funcprototype> | |
112 | ||
113 | <funcprototype> | |
114 | <funcdef>int <function>sd_bus_creds_get_fsuid</function></funcdef> | |
8dc385e7 | 115 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
116 | <paramdef>uid_t *<parameter>uid</parameter></paramdef> |
117 | </funcprototype> | |
118 | ||
119 | <funcprototype> | |
120 | <funcdef>int <function>sd_bus_creds_get_gid</function></funcdef> | |
8dc385e7 | 121 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
122 | <paramdef>gid_t *<parameter>gid</parameter></paramdef> |
123 | </funcprototype> | |
124 | ||
52d7c4dc LP |
125 | <funcprototype> |
126 | <funcdef>int <function>sd_bus_creds_get_egid</function></funcdef> | |
127 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> | |
128 | <paramdef>gid_t *<parameter>gid</parameter></paramdef> | |
129 | </funcprototype> | |
130 | ||
131 | <funcprototype> | |
132 | <funcdef>int <function>sd_bus_creds_get_sgid</function></funcdef> | |
133 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> | |
134 | <paramdef>gid_t *<parameter>gid</parameter></paramdef> | |
135 | </funcprototype> | |
136 | ||
137 | <funcprototype> | |
138 | <funcdef>int <function>sd_bus_creds_get_fsgid</function></funcdef> | |
139 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> | |
140 | <paramdef>gid_t *<parameter>gid</parameter></paramdef> | |
141 | </funcprototype> | |
142 | ||
143 | <funcprototype> | |
144 | <funcdef>int <function>sd_bus_creds_get_supplementary_gids</function></funcdef> | |
145 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> | |
146 | <paramdef>const gid_t **<parameter>gids</parameter></paramdef> | |
147 | </funcprototype> | |
148 | ||
cd6d5e1c ZJS |
149 | <funcprototype> |
150 | <funcdef>int <function>sd_bus_creds_get_comm</function></funcdef> | |
8dc385e7 | 151 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
152 | <paramdef>const char **<parameter>comm</parameter></paramdef> |
153 | </funcprototype> | |
154 | ||
155 | <funcprototype> | |
156 | <funcdef>int <function>sd_bus_creds_get_tid_comm</function></funcdef> | |
8dc385e7 | 157 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
158 | <paramdef>const char **<parameter>comm</parameter></paramdef> |
159 | </funcprototype> | |
160 | ||
161 | <funcprototype> | |
162 | <funcdef>int <function>sd_bus_creds_get_exe</function></funcdef> | |
8dc385e7 | 163 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
164 | <paramdef>const char **<parameter>exe</parameter></paramdef> |
165 | </funcprototype> | |
166 | ||
167 | <funcprototype> | |
168 | <funcdef>int <function>sd_bus_creds_get_cmdline</function></funcdef> | |
8dc385e7 | 169 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
170 | <paramdef>char ***<parameter>cmdline</parameter></paramdef> |
171 | </funcprototype> | |
172 | ||
173 | <funcprototype> | |
174 | <funcdef>int <function>sd_bus_creds_get_cgroup</function></funcdef> | |
8dc385e7 | 175 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
176 | <paramdef>const char **<parameter>cgroup</parameter></paramdef> |
177 | </funcprototype> | |
178 | ||
179 | <funcprototype> | |
180 | <funcdef>int <function>sd_bus_creds_get_unit</function></funcdef> | |
8dc385e7 | 181 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
182 | <paramdef>const char **<parameter>unit</parameter></paramdef> |
183 | </funcprototype> | |
184 | ||
f6f7a984 LP |
185 | <funcprototype> |
186 | <funcdef>int <function>sd_bus_creds_get_slice</function></funcdef> | |
187 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> | |
188 | <paramdef>const char **<parameter>slice</parameter></paramdef> | |
189 | </funcprototype> | |
190 | ||
cd6d5e1c ZJS |
191 | <funcprototype> |
192 | <funcdef>int <function>sd_bus_creds_get_user_unit</function></funcdef> | |
8dc385e7 | 193 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
194 | <paramdef>const char **<parameter>unit</parameter></paramdef> |
195 | </funcprototype> | |
196 | ||
197 | <funcprototype> | |
f6f7a984 | 198 | <funcdef>int <function>sd_bus_creds_get_user_slice</function></funcdef> |
8dc385e7 | 199 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
200 | <paramdef>const char **<parameter>slice</parameter></paramdef> |
201 | </funcprototype> | |
202 | ||
203 | <funcprototype> | |
204 | <funcdef>int <function>sd_bus_creds_get_session</function></funcdef> | |
8dc385e7 | 205 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
206 | <paramdef>const char **<parameter>slice</parameter></paramdef> |
207 | </funcprototype> | |
208 | ||
209 | <funcprototype> | |
210 | <funcdef>int <function>sd_bus_creds_get_owner_uid</function></funcdef> | |
8dc385e7 | 211 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
212 | <paramdef>uid_t *<parameter>uid</parameter></paramdef> |
213 | </funcprototype> | |
214 | ||
215 | <funcprototype> | |
216 | <funcdef>int <function>sd_bus_creds_has_effective_cap</function></funcdef> | |
8dc385e7 | 217 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
218 | <paramdef>int <parameter>capability</parameter></paramdef> |
219 | </funcprototype> | |
220 | ||
221 | <funcprototype> | |
222 | <funcdef>int <function>sd_bus_creds_has_permitted_cap</function></funcdef> | |
8dc385e7 | 223 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
224 | <paramdef>int <parameter>capability</parameter></paramdef> |
225 | </funcprototype> | |
226 | ||
227 | <funcprototype> | |
228 | <funcdef>int <function>sd_bus_creds_has_inheritable_cap</function></funcdef> | |
8dc385e7 | 229 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
230 | <paramdef>int <parameter>capability</parameter></paramdef> |
231 | </funcprototype> | |
232 | ||
233 | <funcprototype> | |
234 | <funcdef>int <function>sd_bus_creds_has_bounding_cap</function></funcdef> | |
8dc385e7 | 235 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
236 | <paramdef>int <parameter>capability</parameter></paramdef> |
237 | </funcprototype> | |
238 | ||
239 | <funcprototype> | |
240 | <funcdef>int <function>sd_bus_creds_get_selinux_context</function></funcdef> | |
8dc385e7 | 241 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
242 | <paramdef>const char **<parameter>context</parameter></paramdef> |
243 | </funcprototype> | |
244 | ||
245 | <funcprototype> | |
246 | <funcdef>int <function>sd_bus_creds_get_audit_session_id</function></funcdef> | |
8dc385e7 | 247 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
248 | <paramdef>uint32_t *<parameter>sessionid</parameter></paramdef> |
249 | </funcprototype> | |
250 | ||
251 | <funcprototype> | |
252 | <funcdef>int <function>sd_bus_creds_get_audit_login_uid</function></funcdef> | |
8dc385e7 | 253 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
254 | <paramdef>uid_t *<parameter>loginuid</parameter></paramdef> |
255 | </funcprototype> | |
256 | ||
52d7c4dc LP |
257 | <funcprototype> |
258 | <funcdef>int <function>sd_bus_creds_get_tty</function></funcdef> | |
259 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> | |
260 | <paramdef>const char **<parameter>tty</parameter></paramdef> | |
261 | </funcprototype> | |
262 | ||
cd6d5e1c ZJS |
263 | <funcprototype> |
264 | <funcdef>int <function>sd_bus_creds_get_unique_name</function></funcdef> | |
8dc385e7 | 265 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
266 | <paramdef>const char **<parameter>name</parameter></paramdef> |
267 | </funcprototype> | |
268 | ||
269 | <funcprototype> | |
270 | <funcdef>int <function>sd_bus_creds_get_well_known_names</function></funcdef> | |
8dc385e7 | 271 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
cd6d5e1c ZJS |
272 | <paramdef>char ***<parameter>name</parameter></paramdef> |
273 | </funcprototype> | |
274 | ||
5c20a8bc | 275 | <funcprototype> |
52d7c4dc | 276 | <funcdef>int <function>sd_bus_creds_get_description</function></funcdef> |
5c20a8bc LP |
277 | <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef> |
278 | <paramdef>const char **<parameter>name</parameter></paramdef> | |
279 | </funcprototype> | |
280 | ||
cd6d5e1c ZJS |
281 | </funcsynopsis> |
282 | </refsynopsisdiv> | |
283 | ||
284 | <refsect1> | |
285 | <title>Description</title> | |
286 | ||
f6f7a984 LP |
287 | <para>These functions return credential information from an |
288 | <parameter>sd_bus_creds</parameter> object. Credential objects may | |
289 | be created with | |
cd6d5e1c | 290 | <citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>, |
52d7c4dc LP |
291 | in which case they describe the credentials of the process |
292 | identified by the specified PID, with | |
293 | <citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>, | |
294 | in which case they describe the credentials of a bus peer | |
b655a028 | 295 | identified by the specified bus name, with |
056f95d0 | 296 | <citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>, |
52d7c4dc | 297 | in which case they describe the credentials of the creator of a |
b655a028 UTL |
298 | bus, or with |
299 | <citerefentry><refentrytitle>sd_bus_message_get_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>, | |
f6f7a984 LP |
300 | in which case they describe the credentials of the sender of the |
301 | message.</para> | |
302 | ||
303 | <para>Not all credential fields are part of every | |
304 | <literal>sd_bus_creds</literal> object. Use | |
305 | <citerefentry><refentrytitle>sd_bus_creds_get_mask</refentrytitle><manvolnum>3</manvolnum></citerefentry> | |
306 | to determine the mask of fields available.</para> | |
cd6d5e1c | 307 | |
52d7c4dc | 308 | <para><function>sd_bus_creds_get_pid()</function> will retrieve |
a8eaaee7 | 309 | the PID (process identifier). Similarly, |
52d7c4dc LP |
310 | <function>sd_bus_creds_get_ppid()</function> will retrieve the |
311 | parent PID. Note that PID 1 has no parent process, in which case | |
312 | -ENXIO is returned.</para> | |
cd6d5e1c | 313 | |
b7ea3f3e | 314 | <para><function>sd_bus_creds_get_tid()</function> will retrieve the |
cd6d5e1c ZJS |
315 | TID (thread identifier).</para> |
316 | ||
52d7c4dc | 317 | <para><function>sd_bus_creds_get_uid()</function> will retrieve |
a8eaaee7 | 318 | the numeric UID (user identifier). Similarly, |
52d7c4dc LP |
319 | <function>sd_bus_creds_get_euid()</function> returns the effective |
320 | UID, <function>sd_bus_creds_get_suid()</function> the saved UID | |
321 | and <function>sd_bus_creds_get_fsuid()</function> the file system | |
322 | UID.</para> | |
cd6d5e1c | 323 | |
b7ea3f3e | 324 | <para><function>sd_bus_creds_get_gid()</function> will retrieve the |
a8eaaee7 | 325 | numeric GID (group identifier). Similarly, |
52d7c4dc LP |
326 | <function>sd_bus_creds_get_egid()</function> returns the effective |
327 | GID, <function>sd_bus_creds_get_sgid()</function> the saved GID | |
328 | and <function>sd_bus_creds_get_fsgid()</function> the file system | |
329 | GID.</para> | |
330 | ||
331 | <para><function>sd_bus_creds_get_supplementary_gids()</function> | |
332 | will retrieve the supplementary GIDs list.</para> | |
cd6d5e1c | 333 | |
b7ea3f3e | 334 | <para><function>sd_bus_creds_get_comm()</function> will retrieve the |
dc968941 | 335 | comm field (truncated name of the executable, as stored in |
cd6d5e1c ZJS |
336 | <filename>/proc/<replaceable>pid</replaceable>/comm</filename>). |
337 | </para> | |
338 | ||
b7ea3f3e | 339 | <para><function>sd_bus_creds_get_tid_comm()</function> will retrieve |
cd6d5e1c ZJS |
340 | the comm field of the thread (as stored in |
341 | <filename>/proc/<replaceable>pid</replaceable>/task/<replaceable>tid</replaceable>/comm</filename>). | |
342 | </para> | |
343 | ||
52d7c4dc LP |
344 | <para><function>sd_bus_creds_get_exe()</function> will retrieve |
345 | the path to the program executable (as stored in the | |
cd6d5e1c | 346 | <filename>/proc/<replaceable>pid</replaceable>/exe</filename> |
a8eaaee7 | 347 | link, but with the <literal> (deleted)</literal> suffix removed). Note |
52d7c4dc LP |
348 | that kernel threads do not have an executable path, in which case |
349 | -ENXIO is returned.</para> | |
cd6d5e1c | 350 | |
52d7c4dc LP |
351 | <para><function>sd_bus_creds_get_cmdline()</function> will |
352 | retrieve an array of command line arguments (as stored in | |
353 | <filename>/proc/<replaceable>pid</replaceable>/cmdline</filename>). Note | |
354 | that kernel threads do not have a command line, in which case | |
355 | -ENXIO is returned.</para> | |
cd6d5e1c | 356 | |
b7ea3f3e | 357 | <para><function>sd_bus_creds_get_cgroup()</function> will retrieve |
c7458f93 | 358 | the control group path. See <ulink |
3c887f97 | 359 | url="https://www.kernel.org/doc/Documentation/cgroup-v1/cgroups.txt">cgroups.txt</ulink>. |
cd6d5e1c ZJS |
360 | </para> |
361 | ||
52d7c4dc LP |
362 | <para><function>sd_bus_creds_get_unit()</function> will retrieve |
363 | the systemd unit name (in the system instance of systemd) that the | |
a8eaaee7 | 364 | process is a part of. See |
52d7c4dc | 365 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. For |
b938cb90 | 366 | processes that are not part of a unit, returns -ENXIO. |
cd6d5e1c ZJS |
367 | </para> |
368 | ||
b7ea3f3e | 369 | <para><function>sd_bus_creds_get_user_unit()</function> will |
cd6d5e1c | 370 | retrieve the systemd unit name (in the user instance of systemd) |
a8eaaee7 | 371 | that the process is a part of. See |
52d7c4dc | 372 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. For |
b938cb90 | 373 | processes that are not part of a user unit, returns -ENXIO. |
cd6d5e1c ZJS |
374 | </para> |
375 | ||
b7ea3f3e | 376 | <para><function>sd_bus_creds_get_slice()</function> will retrieve |
cd6d5e1c | 377 | the systemd slice (a unit in the system instance of systemd) that |
a8eaaee7 JE |
378 | the process is a part of. See |
379 | <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Similarly, | |
f6f7a984 LP |
380 | <function>sd_bus_creds_get_user_slice()</function> retrieves the |
381 | systemd slice of the process, in the user instance of systemd. | |
cd6d5e1c ZJS |
382 | </para> |
383 | ||
52d7c4dc | 384 | <para><function>sd_bus_creds_get_session()</function> will |
f6f7a984 | 385 | retrieve the identifier of the login session that the process is |
1c97e2eb AJ |
386 | a part of. Please note the login session may be limited to a stub |
387 | process or two. User processes may instead be started from their | |
388 | systemd user manager, e.g. GUI applications started using DBus | |
389 | activation, as well as service processes which are shared between | |
390 | multiple logins of the same user. For processes that are not part | |
391 | of a session, returns -ENXIO.</para> | |
cd6d5e1c | 392 | |
52d7c4dc LP |
393 | <para><function>sd_bus_creds_get_owner_uid()</function> will |
394 | retrieve the numeric UID (user identifier) of the user who owns | |
1c97e2eb | 395 | the user unit or login session that the process is a part of. See |
f6f7a984 | 396 | <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. |
1c97e2eb AJ |
397 | For processes that are not part of a user unit or session, returns |
398 | -ENXIO. | |
cd6d5e1c ZJS |
399 | </para> |
400 | ||
479050b3 LP |
401 | <para><function>sd_bus_creds_has_effective_cap()</function> will check whether the capability specified by |
402 | <parameter>capability</parameter> was set in the effective capabilities mask. A positive return value means that it | |
403 | was set, zero means that it was not set, and a negative return value indicates an error. See <citerefentry | |
404 | project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry> and the | |
405 | <varname>AmbientCapabilities=</varname> and <varname>CapabilityBoundingSet=</varname> settings in | |
cd6d5e1c ZJS |
406 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>. |
407 | </para> | |
408 | ||
b7ea3f3e LP |
409 | <para><function>sd_bus_creds_has_permitted_cap()</function> is |
410 | similar to <function>sd_bus_creds_has_effective_cap()</function>, | |
cd6d5e1c ZJS |
411 | but will check the permitted capabilities mask.</para> |
412 | ||
b7ea3f3e LP |
413 | <para><function>sd_bus_creds_has_inheritable_cap()</function> is |
414 | similar to <function>sd_bus_creds_has_effective_cap()</function>, | |
cd6d5e1c ZJS |
415 | but will check the inheritable capabilities mask.</para> |
416 | ||
b7ea3f3e LP |
417 | <para><function>sd_bus_creds_has_bounding_cap()</function> is |
418 | similar to <function>sd_bus_creds_has_effective_cap()</function>, | |
cd6d5e1c ZJS |
419 | but will check the bounding capabilities mask.</para> |
420 | ||
b7ea3f3e | 421 | <para><function>sd_bus_creds_get_selinux_context()</function> will |
82adf6af | 422 | retrieve the SELinux security context (label) of the process.</para> |
cd6d5e1c | 423 | |
52d7c4dc LP |
424 | <para><function>sd_bus_creds_get_audit_session_id()</function> |
425 | will retrieve the audit session identifier of the process. Returns | |
426 | -ENXIO for processes that are not part of an audit session.</para> | |
cd6d5e1c | 427 | |
b7ea3f3e | 428 | <para><function>sd_bus_creds_get_audit_login_uid()</function> will |
cd6d5e1c | 429 | retrieve the audit user login identifier (the identifier of the |
52d7c4dc LP |
430 | user who is "responsible" for the session). Returns -ENXIO for |
431 | processes that are not part of an audit session.</para> | |
432 | ||
433 | <para><function>sd_bus_creds_get_tty()</function> will retrieve | |
f6f7a984 LP |
434 | the controlling TTY, without the prefixing "/dev/". Returns -ENXIO |
435 | for processes that have no controlling TTY.</para> | |
cd6d5e1c | 436 | |
b7ea3f3e | 437 | <para><function>sd_bus_creds_get_unique_name()</function> will |
cd6d5e1c ZJS |
438 | retrieve the D-Bus unique name. See <ulink |
439 | url="http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus">The | |
440 | D-Bus specification</ulink>.</para> | |
441 | ||
b7ea3f3e | 442 | <para><function>sd_bus_creds_get_well_known_names()</function> will |
cd6d5e1c ZJS |
443 | retrieve the set of D-Bus well-known names. See <ulink |
444 | url="http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus">The | |
445 | D-Bus specification</ulink>.</para> | |
446 | ||
52d7c4dc | 447 | <para><function>sd_bus_creds_get_description()</function> will |
5c20a8bc LP |
448 | retrieve a descriptive name of the bus connection of the |
449 | peer. This name is useful to discern multiple bus connections by | |
450 | the same peer, and may be altered by the peer with the | |
52d7c4dc | 451 | <citerefentry><refentrytitle>sd_bus_set_description</refentrytitle><manvolnum>3</manvolnum></citerefentry> |
5c20a8bc LP |
452 | call.</para> |
453 | ||
cd6d5e1c ZJS |
454 | <para>All functions that take a <parameter>const |
455 | char**</parameter> parameter will store the answer there as an | |
456 | address of a NUL-terminated string. It will be valid as long as | |
457 | <parameter>c</parameter> remains valid, and should not be freed or | |
458 | modified by the caller.</para> | |
459 | ||
460 | <para>All functions that take a <parameter>char***</parameter> | |
7f3fdb7f | 461 | parameter will store the answer there as an address of an array |
ff9b60f3 | 462 | of strings. Each individual string is NUL-terminated, and the |
cd6d5e1c ZJS |
463 | array is NULL-terminated as a whole. It will be valid as long as |
464 | <parameter>c</parameter> remains valid, and should not be freed or | |
465 | modified by the caller.</para> | |
466 | </refsect1> | |
467 | ||
468 | <refsect1> | |
469 | <title>Return Value</title> | |
470 | ||
471 | <para>On success, these calls return 0 or a positive integer. On | |
472 | failure, these calls return a negative errno-style error code. | |
473 | </para> | |
474 | </refsect1> | |
475 | ||
476 | <refsect1> | |
477 | <title>Errors</title> | |
478 | ||
479 | <para>Returned errors may indicate the following problems:</para> | |
480 | ||
481 | <variablelist> | |
482 | <varlistentry> | |
8474b70c | 483 | <term><constant>-ENODATA</constant></term> |
cd6d5e1c | 484 | |
a8eaaee7 | 485 | <listitem><para>The given field is not available in the |
52d7c4dc | 486 | credentials object <parameter>c</parameter>.</para> |
b200a92c | 487 | </listitem> |
cd6d5e1c ZJS |
488 | </varlistentry> |
489 | ||
490 | <varlistentry> | |
52d7c4dc | 491 | <term><constant>-ENXIO</constant></term> |
cd6d5e1c | 492 | |
a8eaaee7 | 493 | <listitem><para>The given field is not specified for the described |
52d7c4dc | 494 | process or peer. This will be returned by |
fc47bea6 AJ |
495 | <function>sd_bus_creds_get_unit()</function>, |
496 | <function>sd_bus_creds_get_slice()</function>, | |
497 | <function>sd_bus_creds_get_user_unit()</function>, | |
498 | <function>sd_bus_creds_get_user_slice()</function>, and | |
499 | <function>sd_bus_creds_get_session()</function> if the process is | |
52d7c4dc | 500 | not part of a systemd system unit, systemd user unit, systemd |
1c97e2eb AJ |
501 | slice, or logind session. It will be returned by |
502 | <function>sd_bus_creds_get_owner_uid()</function> if the process is | |
503 | not part of a systemd user unit or logind session. It will also be | |
504 | returned by <function>sd_bus_creds_get_exe()</function> and | |
52d7c4dc | 505 | <function>sd_bus_creds_get_cmdline()</function> for kernel |
a8eaaee7 JE |
506 | threads (since these are not started from an executable binary, |
507 | nor have a command line), and by | |
52d7c4dc LP |
508 | <function>sd_bus_creds_get_audit_session_id()</function> and |
509 | <function>sd_bus_creds_get_audit_login_uid()</function> when | |
510 | the process is not part of an audit session, and | |
511 | <function>sd_bus_creds_get_tty()</function> if the process has | |
512 | no controlling TTY. | |
513 | </para> | |
b200a92c | 514 | </listitem> |
cd6d5e1c ZJS |
515 | </varlistentry> |
516 | ||
517 | <varlistentry> | |
8474b70c | 518 | <term><constant>-EINVAL</constant></term> |
cd6d5e1c ZJS |
519 | |
520 | <listitem><para>Specified pointer parameter is <constant>NULL</constant>. | |
521 | </para></listitem> | |
522 | </varlistentry> | |
523 | ||
524 | <varlistentry> | |
8474b70c | 525 | <term><constant>-ENOMEM</constant></term> |
cd6d5e1c ZJS |
526 | |
527 | <listitem><para>Memory allocation failed.</para></listitem> | |
528 | </varlistentry> | |
529 | </variablelist> | |
530 | </refsect1> | |
531 | ||
7d6b2723 | 532 | <xi:include href="libsystemd-pkgconfig.xml" /> |
cd6d5e1c ZJS |
533 | |
534 | <refsect1> | |
535 | <title>See Also</title> | |
536 | ||
537 | <para> | |
538 | <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
539 | <citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>, | |
f6f7a984 LP |
540 | <citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>2</manvolnum></citerefentry>, |
541 | <citerefentry project='man-pages'><refentrytitle>fork</refentrytitle><manvolnum>2</manvolnum></citerefentry>, | |
542 | <citerefentry project='man-pages'><refentrytitle>execve</refentrytitle><manvolnum>2</manvolnum></citerefentry>, | |
5aded369 ZJS |
543 | <citerefentry project='man-pages'><refentrytitle>credentials</refentrytitle><manvolnum>7</manvolnum></citerefentry>, |
544 | <citerefentry project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry>, | |
545 | <citerefentry project='man-pages'><refentrytitle>proc</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
e530ed5e | 546 | <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry> |
cd6d5e1c ZJS |
547 | </para> |
548 | </refsect1> | |
549 | ||
550 | </refentry> |