]>
Commit | Line | Data |
---|---|---|
514094f9 | 1 | <?xml version='1.0'?> |
0b3b020a | 2 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" |
12b42c76 | 3 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> |
0b3b020a LP |
4 | |
5 | <!-- | |
572eb058 | 6 | SPDX-License-Identifier: LGPL-2.1+ |
0b3b020a LP |
7 | --> |
8 | ||
7d6b2723 ZJS |
9 | <refentry id="sd_pid_get_owner_uid" conditional='HAVE_PAM' |
10 | xmlns:xi="http://www.w3.org/2001/XInclude"> | |
0b3b020a | 11 | |
798d3a52 | 12 | <refentryinfo> |
1c97e2eb | 13 | <title>sd_pid_get_owner_uid</title> |
798d3a52 | 14 | <productname>systemd</productname> |
798d3a52 ZJS |
15 | </refentryinfo> |
16 | ||
17 | <refmeta> | |
1c97e2eb | 18 | <refentrytitle>sd_pid_get_owner_uid</refentrytitle> |
798d3a52 ZJS |
19 | <manvolnum>3</manvolnum> |
20 | </refmeta> | |
21 | ||
22 | <refnamediv> | |
1c97e2eb | 23 | <refname>sd_pid_get_owner_uid</refname> |
798d3a52 | 24 | <refname>sd_pid_get_session</refname> |
798d3a52 | 25 | <refname>sd_pid_get_user_unit</refname> |
1c97e2eb | 26 | <refname>sd_pid_get_unit</refname> |
798d3a52 ZJS |
27 | <refname>sd_pid_get_machine_name</refname> |
28 | <refname>sd_pid_get_slice</refname> | |
dddbc695 | 29 | <refname>sd_pid_get_user_slice</refname> |
f5aaf575 | 30 | <refname>sd_pid_get_cgroup</refname> |
1c97e2eb | 31 | <refname>sd_peer_get_owner_uid</refname> |
798d3a52 | 32 | <refname>sd_peer_get_session</refname> |
798d3a52 | 33 | <refname>sd_peer_get_user_unit</refname> |
1c97e2eb | 34 | <refname>sd_peer_get_unit</refname> |
798d3a52 ZJS |
35 | <refname>sd_peer_get_machine_name</refname> |
36 | <refname>sd_peer_get_slice</refname> | |
dddbc695 | 37 | <refname>sd_peer_get_user_slice</refname> |
f5aaf575 | 38 | <refname>sd_peer_get_cgroup</refname> |
1c97e2eb AJ |
39 | <refpurpose>Determine the owner uid of the user unit or session, |
40 | or the session, user unit, system unit, container/VM or slice that | |
41 | a specific PID or socket peer belongs to.</refpurpose> | |
798d3a52 ZJS |
42 | </refnamediv> |
43 | ||
44 | <refsynopsisdiv> | |
45 | <funcsynopsis> | |
46 | <funcsynopsisinfo>#include <systemd/sd-login.h></funcsynopsisinfo> | |
47 | ||
48 | <funcprototype> | |
1c97e2eb | 49 | <funcdef>int <function>sd_pid_get_owner_uid</function></funcdef> |
798d3a52 | 50 | <paramdef>pid_t <parameter>pid</parameter></paramdef> |
1c97e2eb | 51 | <paramdef>uid_t *<parameter>uid</parameter></paramdef> |
798d3a52 ZJS |
52 | </funcprototype> |
53 | ||
54 | <funcprototype> | |
1c97e2eb | 55 | <funcdef>int <function>sd_pid_get_session</function></funcdef> |
798d3a52 | 56 | <paramdef>pid_t <parameter>pid</parameter></paramdef> |
1c97e2eb | 57 | <paramdef>char **<parameter>session</parameter></paramdef> |
798d3a52 ZJS |
58 | </funcprototype> |
59 | ||
60 | <funcprototype> | |
61 | <funcdef>int <function>sd_pid_get_user_unit</function></funcdef> | |
62 | <paramdef>pid_t <parameter>pid</parameter></paramdef> | |
63 | <paramdef>char **<parameter>unit</parameter></paramdef> | |
64 | </funcprototype> | |
65 | ||
66 | <funcprototype> | |
1c97e2eb | 67 | <funcdef>int <function>sd_pid_get_unit</function></funcdef> |
798d3a52 | 68 | <paramdef>pid_t <parameter>pid</parameter></paramdef> |
1c97e2eb | 69 | <paramdef>char **<parameter>unit</parameter></paramdef> |
798d3a52 ZJS |
70 | </funcprototype> |
71 | ||
72 | <funcprototype> | |
73 | <funcdef>int <function>sd_pid_get_machine_name</function></funcdef> | |
74 | <paramdef>pid_t <parameter>pid</parameter></paramdef> | |
75 | <paramdef>char **<parameter>name</parameter></paramdef> | |
76 | </funcprototype> | |
77 | ||
78 | <funcprototype> | |
79 | <funcdef>int <function>sd_pid_get_slice</function></funcdef> | |
80 | <paramdef>pid_t <parameter>pid</parameter></paramdef> | |
81 | <paramdef>char **<parameter>slice</parameter></paramdef> | |
82 | </funcprototype> | |
83 | ||
dddbc695 LP |
84 | <funcprototype> |
85 | <funcdef>int <function>sd_pid_get_user_slice</function></funcdef> | |
86 | <paramdef>pid_t <parameter>pid</parameter></paramdef> | |
87 | <paramdef>char **<parameter>slice</parameter></paramdef> | |
88 | </funcprototype> | |
89 | ||
f5aaf575 LP |
90 | <funcprototype> |
91 | <funcdef>int <function>sd_pid_get_cgroup</function></funcdef> | |
92 | <paramdef>pid_t <parameter>pid</parameter></paramdef> | |
93 | <paramdef>char **<parameter>cgroup</parameter></paramdef> | |
94 | </funcprototype> | |
95 | ||
798d3a52 | 96 | <funcprototype> |
1c97e2eb | 97 | <funcdef>int <function>sd_peer_get_owner_uid</function></funcdef> |
798d3a52 | 98 | <paramdef>int <parameter>fd</parameter></paramdef> |
1c97e2eb | 99 | <paramdef>uid_t *<parameter>uid</parameter></paramdef> |
798d3a52 ZJS |
100 | </funcprototype> |
101 | ||
102 | <funcprototype> | |
1c97e2eb | 103 | <funcdef>int <function>sd_peer_get_session</function></funcdef> |
798d3a52 | 104 | <paramdef>int <parameter>fd</parameter></paramdef> |
1c97e2eb | 105 | <paramdef>char **<parameter>session</parameter></paramdef> |
798d3a52 ZJS |
106 | </funcprototype> |
107 | ||
108 | <funcprototype> | |
109 | <funcdef>int <function>sd_peer_get_user_unit</function></funcdef> | |
110 | <paramdef>int <parameter>fd</parameter></paramdef> | |
111 | <paramdef>char **<parameter>unit</parameter></paramdef> | |
112 | </funcprototype> | |
113 | ||
114 | <funcprototype> | |
1c97e2eb | 115 | <funcdef>int <function>sd_peer_get_unit</function></funcdef> |
798d3a52 | 116 | <paramdef>int <parameter>fd</parameter></paramdef> |
1c97e2eb | 117 | <paramdef>char **<parameter>unit</parameter></paramdef> |
798d3a52 ZJS |
118 | </funcprototype> |
119 | ||
120 | <funcprototype> | |
121 | <funcdef>int <function>sd_peer_get_machine_name</function></funcdef> | |
122 | <paramdef>int <parameter>fd</parameter></paramdef> | |
123 | <paramdef>char **<parameter>name</parameter></paramdef> | |
124 | </funcprototype> | |
125 | ||
126 | <funcprototype> | |
127 | <funcdef>int <function>sd_peer_get_slice</function></funcdef> | |
128 | <paramdef>int <parameter>fd</parameter></paramdef> | |
129 | <paramdef>char **<parameter>slice</parameter></paramdef> | |
130 | </funcprototype> | |
dddbc695 LP |
131 | |
132 | <funcprototype> | |
133 | <funcdef>int <function>sd_peer_get_user_slice</function></funcdef> | |
134 | <paramdef>int <parameter>fd</parameter></paramdef> | |
135 | <paramdef>char **<parameter>slice</parameter></paramdef> | |
136 | </funcprototype> | |
f5aaf575 LP |
137 | |
138 | <funcprototype> | |
139 | <funcdef>int <function>sd_peer_get_cgroup</function></funcdef> | |
140 | <paramdef>int <parameter>fd</parameter></paramdef> | |
141 | <paramdef>char **<parameter>cgroup</parameter></paramdef> | |
142 | </funcprototype> | |
798d3a52 ZJS |
143 | </funcsynopsis> |
144 | </refsynopsisdiv> | |
145 | ||
146 | <refsect1> | |
147 | <title>Description</title> | |
148 | ||
1c97e2eb AJ |
149 | <para><function>sd_pid_get_owner_uid()</function> may be used to |
150 | determine the Unix UID (user identifier) which owns the login | |
151 | session or systemd user unit of a process identified by the | |
152 | specified PID. For processes which are not part of a login session | |
153 | and not managed by a user manager, this function will fail with | |
154 | <constant>-ENODATA</constant>.</para> | |
155 | ||
798d3a52 ZJS |
156 | <para><function>sd_pid_get_session()</function> may be used to |
157 | determine the login session identifier of a process identified by | |
158 | the specified process identifier. The session identifier is a | |
1c97e2eb AJ |
159 | short string, suitable for usage in file system paths. Please |
160 | note the login session may be limited to a stub process or two. | |
161 | User processes may instead be started from their systemd user | |
162 | manager, e.g. GUI applications started using DBus activation, as | |
163 | well as service processes which are shared between multiple logins | |
164 | of the same user. For processes which are not part of a login | |
165 | session, this function will fail with <constant>-ENODATA</constant>. | |
166 | The returned string needs to be freed with the libc <citerefentry | |
167 | project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry> | |
168 | call after use.</para> | |
169 | ||
170 | <para><function>sd_pid_get_user_unit()</function> may be used to | |
171 | determine the systemd user unit (i.e. user service or scope unit) | |
172 | identifier of a process identified by the specified PID. The | |
173 | unit name is a short string, suitable for usage in file system | |
174 | paths. For processes which are not managed by a user manager, this | |
175 | function will fail with <constant>-ENODATA</constant>. The | |
176 | returned string needs to be freed with the libc <citerefentry | |
882f407f | 177 | project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry> |
798d3a52 ZJS |
178 | call after use.</para> |
179 | ||
180 | <para><function>sd_pid_get_unit()</function> may be used to | |
dddbc695 LP |
181 | determine the systemd system unit (i.e. system service or scope |
182 | unit) identifier of a process identified by the specified PID. The | |
183 | unit name is a short string, suitable for usage in file system | |
1c97e2eb AJ |
184 | paths. Note that not all processes are part of a system |
185 | unit/service. For processes not being part of a systemd system | |
186 | unit, this function will fail with <constant>-ENODATA</constant>. | |
187 | (More specifically, this call will not work for kernel threads.) | |
188 | The returned string needs to be freed with the libc <citerefentry | |
882f407f | 189 | project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry> |
798d3a52 ZJS |
190 | call after use.</para> |
191 | ||
798d3a52 ZJS |
192 | <para><function>sd_pid_get_machine_name()</function> may be used |
193 | to determine the name of the VM or container is a member of. The | |
194 | machine name is a short string, suitable for usage in file system | |
195 | paths. The returned string needs to be freed with the libc | |
882f407f LP |
196 | <citerefentry |
197 | project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry> | |
1c97e2eb | 198 | call after use. For processes not part of a VM or container, this |
ce737f46 | 199 | function fails with <constant>-ENODATA</constant>.</para> |
798d3a52 ZJS |
200 | |
201 | <para><function>sd_pid_get_slice()</function> may be used to | |
202 | determine the slice unit the process is a member of. See | |
203 | <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
204 | for details about slices. The returned string needs to be freed | |
205 | with the libc | |
206 | <citerefentry project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry> | |
207 | call after use.</para> | |
208 | ||
a8eaaee7 | 209 | <para>Similarly, <function>sd_pid_get_user_slice()</function> |
dddbc695 LP |
210 | returns the user slice (as managed by the user's systemd instance) |
211 | of a process.</para> | |
212 | ||
f5aaf575 LP |
213 | <para><function>sd_pid_get_cgroup()</function> returns the control |
214 | group path of the specified process, relative to the root of the | |
215 | hierarchy. Returns the path without trailing slash, except for | |
216 | processes located in the root control group, where "/" is | |
b938cb90 | 217 | returned. To find the actual control group path in the file system, |
f5aaf575 LP |
218 | the returned path needs to be prefixed with |
219 | <filename>/sys/fs/cgroup/</filename> (if the unified control group | |
220 | setup is used), or | |
221 | <filename>/sys/fs/cgroup/<replaceable>HIERARCHY</replaceable>/</filename> | |
222 | (if the legacy multi-hierarchy control group setup is used).</para> | |
223 | ||
798d3a52 ZJS |
224 | <para>If the <varname>pid</varname> parameter of any of these |
225 | functions is passed as 0, the operation is executed for the | |
226 | calling process.</para> | |
227 | ||
1c97e2eb AJ |
228 | <para>The <function>sd_peer_get_owner_uid()</function>, |
229 | <function>sd_peer_get_session()</function>, | |
798d3a52 | 230 | <function>sd_peer_get_user_unit()</function>, |
1c97e2eb | 231 | <function>sd_peer_get_unit()</function>, |
dddbc695 | 232 | <function>sd_peer_get_machine_name()</function>, |
f5aaf575 LP |
233 | <function>sd_peer_get_slice()</function>, |
234 | <function>sd_peer_get_user_slice()</function> and | |
235 | <function>sd_peer_get_cgroup()</function> calls operate similar to | |
236 | their PID counterparts, but operate on a connected AF_UNIX socket | |
237 | and retrieve information about the connected peer process. Note | |
238 | that these fields are retrieved via <filename>/proc</filename>, | |
239 | and hence are not suitable for authorization purposes, as they are | |
240 | subject to races.</para> | |
798d3a52 ZJS |
241 | </refsect1> |
242 | ||
243 | <refsect1> | |
244 | <title>Return Value</title> | |
245 | ||
246 | <para>On success, these calls return 0 or a positive integer. On | |
247 | failure, these calls return a negative errno-style error | |
248 | code.</para> | |
249 | </refsect1> | |
250 | ||
882f407f LP |
251 | <refsect1> |
252 | <title>Errors</title> | |
253 | ||
254 | <para>Returned errors may indicate the following problems:</para> | |
255 | ||
256 | <variablelist> | |
257 | ||
258 | <varlistentry> | |
707b66c6 LP |
259 | <term><constant>-ESRCH</constant></term> |
260 | ||
261 | <listitem><para>The specified PID does not refer to a running | |
262 | process.</para> | |
263 | </listitem> | |
264 | </varlistentry> | |
265 | ||
266 | <varlistentry> | |
bc9e9af1 | 267 | <term><constant>-EBADF</constant></term> |
707b66c6 LP |
268 | |
269 | <listitem><para>The specified socket file descriptor was | |
270 | invalid.</para></listitem> | |
271 | </varlistentry> | |
272 | ||
273 | <varlistentry> | |
274 | <term><constant>-ENODATA</constant></term> | |
882f407f | 275 | |
a8eaaee7 | 276 | <listitem><para>The given field is not specified for the described |
882f407f LP |
277 | process or peer.</para> |
278 | </listitem> | |
279 | </varlistentry> | |
280 | ||
281 | <varlistentry> | |
707b66c6 | 282 | <term><constant>-EINVAL</constant></term> |
882f407f | 283 | |
707b66c6 | 284 | <listitem><para>An input parameter was invalid (out of range, |
7ca41557 | 285 | or NULL, where that is not accepted).</para></listitem> |
882f407f LP |
286 | </varlistentry> |
287 | ||
288 | <varlistentry> | |
289 | <term><constant>-ENOMEM</constant></term> | |
290 | ||
291 | <listitem><para>Memory allocation failed.</para></listitem> | |
292 | </varlistentry> | |
293 | </variablelist> | |
294 | </refsect1> | |
295 | ||
798d3a52 ZJS |
296 | <refsect1> |
297 | <title>Notes</title> | |
298 | ||
7d6b2723 | 299 | <xi:include href="libsystemd-pkgconfig.xml" xpointer="pkgconfig-text"/> |
798d3a52 ZJS |
300 | |
301 | <para>Note that the login session identifier as | |
302 | returned by <function>sd_pid_get_session()</function> | |
303 | is completely unrelated to the process session | |
304 | identifier as returned by | |
305 | <citerefentry><refentrytitle>getsid</refentrytitle><manvolnum>2</manvolnum></citerefentry>.</para> | |
306 | </refsect1> | |
307 | ||
308 | <refsect1> | |
309 | <title>See Also</title> | |
310 | ||
311 | <para> | |
312 | <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
313 | <citerefentry><refentrytitle>sd-login</refentrytitle><manvolnum>3</manvolnum></citerefentry>, | |
314 | <citerefentry><refentrytitle>sd_session_is_active</refentrytitle><manvolnum>3</manvolnum></citerefentry>, | |
315 | <citerefentry><refentrytitle>getsid</refentrytitle><manvolnum>2</manvolnum></citerefentry>, | |
316 | <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
317 | <citerefentry><refentrytitle>systemd-machined.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> | |
318 | </para> | |
319 | </refsect1> | |
0b3b020a LP |
320 | |
321 | </refentry> |