2 <!DOCTYPE refentry PUBLIC
"-//OASIS//DTD DocBook XML V4.2//EN"
3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
6 SPDX-License-Identifier: LGPL-2.1+
9 <refentry id=
"sd_bus_creds_get_pid" xmlns:
xi=
"http://www.w3.org/2001/XInclude">
12 <title>sd_bus_creds_get_pid
</title>
13 <productname>systemd
</productname>
17 <refentrytitle>sd_bus_creds_get_pid
</refentrytitle>
18 <manvolnum>3</manvolnum>
22 <refname>sd_bus_creds_get_pid
</refname>
23 <refname>sd_bus_creds_get_ppid
</refname>
24 <refname>sd_bus_creds_get_tid
</refname>
25 <refname>sd_bus_creds_get_uid
</refname>
26 <refname>sd_bus_creds_get_euid
</refname>
27 <refname>sd_bus_creds_get_suid
</refname>
28 <refname>sd_bus_creds_get_fsuid
</refname>
29 <refname>sd_bus_creds_get_gid
</refname>
30 <refname>sd_bus_creds_get_egid
</refname>
31 <refname>sd_bus_creds_get_sgid
</refname>
32 <refname>sd_bus_creds_get_fsgid
</refname>
33 <refname>sd_bus_creds_get_supplementary_gids
</refname>
34 <refname>sd_bus_creds_get_comm
</refname>
35 <refname>sd_bus_creds_get_tid_comm
</refname>
36 <refname>sd_bus_creds_get_exe
</refname>
37 <refname>sd_bus_creds_get_cmdline
</refname>
38 <refname>sd_bus_creds_get_cgroup
</refname>
39 <refname>sd_bus_creds_get_unit
</refname>
40 <refname>sd_bus_creds_get_slice
</refname>
41 <refname>sd_bus_creds_get_user_unit
</refname>
42 <refname>sd_bus_creds_get_user_slice
</refname>
43 <refname>sd_bus_creds_get_session
</refname>
44 <refname>sd_bus_creds_get_owner_uid
</refname>
45 <refname>sd_bus_creds_has_effective_cap
</refname>
46 <refname>sd_bus_creds_has_permitted_cap
</refname>
47 <refname>sd_bus_creds_has_inheritable_cap
</refname>
48 <refname>sd_bus_creds_has_bounding_cap
</refname>
49 <refname>sd_bus_creds_get_selinux_context
</refname>
50 <refname>sd_bus_creds_get_audit_session_id
</refname>
51 <refname>sd_bus_creds_get_audit_login_uid
</refname>
52 <refname>sd_bus_creds_get_tty
</refname>
53 <refname>sd_bus_creds_get_unique_name
</refname>
54 <refname>sd_bus_creds_get_well_known_names
</refname>
55 <refname>sd_bus_creds_get_description
</refname>
57 <refpurpose>Retrieve fields from a credentials object
</refpurpose>
62 <funcsynopsisinfo>#include
<systemd/sd-bus.h
></funcsynopsisinfo>
65 <funcdef>int
<function>sd_bus_creds_get_pid
</function></funcdef>
66 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
67 <paramdef>pid_t *
<parameter>pid
</parameter></paramdef>
71 <funcdef>int
<function>sd_bus_creds_get_ppid
</function></funcdef>
72 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
73 <paramdef>pid_t *
<parameter>ppid
</parameter></paramdef>
77 <funcdef>int
<function>sd_bus_creds_get_tid
</function></funcdef>
78 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
79 <paramdef>pid_t *
<parameter>tid
</parameter></paramdef>
83 <funcdef>int
<function>sd_bus_creds_get_uid
</function></funcdef>
84 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
85 <paramdef>uid_t *
<parameter>uid
</parameter></paramdef>
89 <funcdef>int
<function>sd_bus_creds_get_euid
</function></funcdef>
90 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
91 <paramdef>uid_t *
<parameter>uid
</parameter></paramdef>
95 <funcdef>int
<function>sd_bus_creds_get_suid
</function></funcdef>
96 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
97 <paramdef>uid_t *
<parameter>uid
</parameter></paramdef>
101 <funcdef>int
<function>sd_bus_creds_get_fsuid
</function></funcdef>
102 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
103 <paramdef>uid_t *
<parameter>uid
</parameter></paramdef>
107 <funcdef>int
<function>sd_bus_creds_get_gid
</function></funcdef>
108 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
109 <paramdef>gid_t *
<parameter>gid
</parameter></paramdef>
113 <funcdef>int
<function>sd_bus_creds_get_egid
</function></funcdef>
114 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
115 <paramdef>gid_t *
<parameter>gid
</parameter></paramdef>
119 <funcdef>int
<function>sd_bus_creds_get_sgid
</function></funcdef>
120 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
121 <paramdef>gid_t *
<parameter>gid
</parameter></paramdef>
125 <funcdef>int
<function>sd_bus_creds_get_fsgid
</function></funcdef>
126 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
127 <paramdef>gid_t *
<parameter>gid
</parameter></paramdef>
131 <funcdef>int
<function>sd_bus_creds_get_supplementary_gids
</function></funcdef>
132 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
133 <paramdef>const gid_t **
<parameter>gids
</parameter></paramdef>
137 <funcdef>int
<function>sd_bus_creds_get_comm
</function></funcdef>
138 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
139 <paramdef>const char **
<parameter>comm
</parameter></paramdef>
143 <funcdef>int
<function>sd_bus_creds_get_tid_comm
</function></funcdef>
144 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
145 <paramdef>const char **
<parameter>comm
</parameter></paramdef>
149 <funcdef>int
<function>sd_bus_creds_get_exe
</function></funcdef>
150 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
151 <paramdef>const char **
<parameter>exe
</parameter></paramdef>
155 <funcdef>int
<function>sd_bus_creds_get_cmdline
</function></funcdef>
156 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
157 <paramdef>char ***
<parameter>cmdline
</parameter></paramdef>
161 <funcdef>int
<function>sd_bus_creds_get_cgroup
</function></funcdef>
162 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
163 <paramdef>const char **
<parameter>cgroup
</parameter></paramdef>
167 <funcdef>int
<function>sd_bus_creds_get_unit
</function></funcdef>
168 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
169 <paramdef>const char **
<parameter>unit
</parameter></paramdef>
173 <funcdef>int
<function>sd_bus_creds_get_slice
</function></funcdef>
174 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
175 <paramdef>const char **
<parameter>slice
</parameter></paramdef>
179 <funcdef>int
<function>sd_bus_creds_get_user_unit
</function></funcdef>
180 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
181 <paramdef>const char **
<parameter>unit
</parameter></paramdef>
185 <funcdef>int
<function>sd_bus_creds_get_user_slice
</function></funcdef>
186 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
187 <paramdef>const char **
<parameter>slice
</parameter></paramdef>
191 <funcdef>int
<function>sd_bus_creds_get_session
</function></funcdef>
192 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
193 <paramdef>const char **
<parameter>slice
</parameter></paramdef>
197 <funcdef>int
<function>sd_bus_creds_get_owner_uid
</function></funcdef>
198 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
199 <paramdef>uid_t *
<parameter>uid
</parameter></paramdef>
203 <funcdef>int
<function>sd_bus_creds_has_effective_cap
</function></funcdef>
204 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
205 <paramdef>int
<parameter>capability
</parameter></paramdef>
209 <funcdef>int
<function>sd_bus_creds_has_permitted_cap
</function></funcdef>
210 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
211 <paramdef>int
<parameter>capability
</parameter></paramdef>
215 <funcdef>int
<function>sd_bus_creds_has_inheritable_cap
</function></funcdef>
216 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
217 <paramdef>int
<parameter>capability
</parameter></paramdef>
221 <funcdef>int
<function>sd_bus_creds_has_bounding_cap
</function></funcdef>
222 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
223 <paramdef>int
<parameter>capability
</parameter></paramdef>
227 <funcdef>int
<function>sd_bus_creds_get_selinux_context
</function></funcdef>
228 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
229 <paramdef>const char **
<parameter>context
</parameter></paramdef>
233 <funcdef>int
<function>sd_bus_creds_get_audit_session_id
</function></funcdef>
234 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
235 <paramdef>uint32_t *
<parameter>sessionid
</parameter></paramdef>
239 <funcdef>int
<function>sd_bus_creds_get_audit_login_uid
</function></funcdef>
240 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
241 <paramdef>uid_t *
<parameter>loginuid
</parameter></paramdef>
245 <funcdef>int
<function>sd_bus_creds_get_tty
</function></funcdef>
246 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
247 <paramdef>const char **
<parameter>tty
</parameter></paramdef>
251 <funcdef>int
<function>sd_bus_creds_get_unique_name
</function></funcdef>
252 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
253 <paramdef>const char **
<parameter>name
</parameter></paramdef>
257 <funcdef>int
<function>sd_bus_creds_get_well_known_names
</function></funcdef>
258 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
259 <paramdef>char ***
<parameter>name
</parameter></paramdef>
263 <funcdef>int
<function>sd_bus_creds_get_description
</function></funcdef>
264 <paramdef>sd_bus_creds *
<parameter>c
</parameter></paramdef>
265 <paramdef>const char **
<parameter>name
</parameter></paramdef>
272 <title>Description
</title>
274 <para>These functions return credential information from an
275 <parameter>sd_bus_creds
</parameter> object. Credential objects may
277 <citerefentry><refentrytitle>sd_bus_creds_new_from_pid
</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
278 in which case they describe the credentials of the process
279 identified by the specified PID, with
280 <citerefentry><refentrytitle>sd_bus_get_name_creds
</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
281 in which case they describe the credentials of a bus peer
282 identified by the specified bus name, with
283 <citerefentry><refentrytitle>sd_bus_get_owner_creds
</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
284 in which case they describe the credentials of the creator of a
286 <citerefentry><refentrytitle>sd_bus_message_get_creds
</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
287 in which case they describe the credentials of the sender of the
290 <para>Not all credential fields are part of every
291 <literal>sd_bus_creds
</literal> object. Use
292 <citerefentry><refentrytitle>sd_bus_creds_get_mask
</refentrytitle><manvolnum>3</manvolnum></citerefentry>
293 to determine the mask of fields available.
</para>
295 <para><function>sd_bus_creds_get_pid()
</function> will retrieve
296 the PID (process identifier). Similarly,
297 <function>sd_bus_creds_get_ppid()
</function> will retrieve the
298 parent PID. Note that PID
1 has no parent process, in which case
299 -ENXIO is returned.
</para>
301 <para><function>sd_bus_creds_get_tid()
</function> will retrieve the
302 TID (thread identifier).
</para>
304 <para><function>sd_bus_creds_get_uid()
</function> will retrieve
305 the numeric UID (user identifier). Similarly,
306 <function>sd_bus_creds_get_euid()
</function> returns the effective
307 UID,
<function>sd_bus_creds_get_suid()
</function> the saved UID
308 and
<function>sd_bus_creds_get_fsuid()
</function> the file system
311 <para><function>sd_bus_creds_get_gid()
</function> will retrieve the
312 numeric GID (group identifier). Similarly,
313 <function>sd_bus_creds_get_egid()
</function> returns the effective
314 GID,
<function>sd_bus_creds_get_sgid()
</function> the saved GID
315 and
<function>sd_bus_creds_get_fsgid()
</function> the file system
318 <para><function>sd_bus_creds_get_supplementary_gids()
</function>
319 will retrieve the supplementary GIDs list.
</para>
321 <para><function>sd_bus_creds_get_comm()
</function> will retrieve the
322 comm field (truncated name of the executable, as stored in
323 <filename>/proc/
<replaceable>pid
</replaceable>/comm
</filename>).
326 <para><function>sd_bus_creds_get_tid_comm()
</function> will retrieve
327 the comm field of the thread (as stored in
328 <filename>/proc/
<replaceable>pid
</replaceable>/task/
<replaceable>tid
</replaceable>/comm
</filename>).
331 <para><function>sd_bus_creds_get_exe()
</function> will retrieve
332 the path to the program executable (as stored in the
333 <filename>/proc/
<replaceable>pid
</replaceable>/exe
</filename>
334 link, but with the
<literal> (deleted)
</literal> suffix removed). Note
335 that kernel threads do not have an executable path, in which case
336 -ENXIO is returned.
</para>
338 <para><function>sd_bus_creds_get_cmdline()
</function> will
339 retrieve an array of command line arguments (as stored in
340 <filename>/proc/
<replaceable>pid
</replaceable>/cmdline
</filename>). Note
341 that kernel threads do not have a command line, in which case
342 -ENXIO is returned.
</para>
344 <para><function>sd_bus_creds_get_cgroup()
</function> will retrieve
345 the control group path. See
<ulink
346 url=
"https://www.kernel.org/doc/Documentation/cgroup-v1/cgroups.txt">cgroups.txt
</ulink>.
349 <para><function>sd_bus_creds_get_unit()
</function> will retrieve
350 the systemd unit name (in the system instance of systemd) that the
351 process is a part of. See
352 <citerefentry><refentrytitle>systemd.unit
</refentrytitle><manvolnum>5</manvolnum></citerefentry>. For
353 processes that are not part of a unit, returns -ENXIO.
356 <para><function>sd_bus_creds_get_user_unit()
</function> will
357 retrieve the systemd unit name (in the user instance of systemd)
358 that the process is a part of. See
359 <citerefentry><refentrytitle>systemd.unit
</refentrytitle><manvolnum>5</manvolnum></citerefentry>. For
360 processes that are not part of a user unit, returns -ENXIO.
363 <para><function>sd_bus_creds_get_slice()
</function> will retrieve
364 the systemd slice (a unit in the system instance of systemd) that
365 the process is a part of. See
366 <citerefentry><refentrytitle>systemd.slice
</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Similarly,
367 <function>sd_bus_creds_get_user_slice()
</function> retrieves the
368 systemd slice of the process, in the user instance of systemd.
371 <para><function>sd_bus_creds_get_session()
</function> will
372 retrieve the identifier of the login session that the process is
373 a part of. Please note the login session may be limited to a stub
374 process or two. User processes may instead be started from their
375 systemd user manager, e.g. GUI applications started using DBus
376 activation, as well as service processes which are shared between
377 multiple logins of the same user. For processes that are not part
378 of a session, returns -ENXIO.
</para>
380 <para><function>sd_bus_creds_get_owner_uid()
</function> will
381 retrieve the numeric UID (user identifier) of the user who owns
382 the user unit or login session that the process is a part of. See
383 <citerefentry><refentrytitle>systemd-logind.service
</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
384 For processes that are not part of a user unit or session, returns
388 <para><function>sd_bus_creds_has_effective_cap()
</function> will check whether the capability specified by
389 <parameter>capability
</parameter> was set in the effective capabilities mask. A positive return value means that it
390 was set, zero means that it was not set, and a negative return value indicates an error. See
<citerefentry
391 project='man-pages'
><refentrytitle>capabilities
</refentrytitle><manvolnum>7</manvolnum></citerefentry> and the
392 <varname>AmbientCapabilities=
</varname> and
<varname>CapabilityBoundingSet=
</varname> settings in
393 <citerefentry><refentrytitle>systemd.exec
</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
396 <para><function>sd_bus_creds_has_permitted_cap()
</function> is
397 similar to
<function>sd_bus_creds_has_effective_cap()
</function>,
398 but will check the permitted capabilities mask.
</para>
400 <para><function>sd_bus_creds_has_inheritable_cap()
</function> is
401 similar to
<function>sd_bus_creds_has_effective_cap()
</function>,
402 but will check the inheritable capabilities mask.
</para>
404 <para><function>sd_bus_creds_has_bounding_cap()
</function> is
405 similar to
<function>sd_bus_creds_has_effective_cap()
</function>,
406 but will check the bounding capabilities mask.
</para>
408 <para><function>sd_bus_creds_get_selinux_context()
</function> will
409 retrieve the SELinux security context (label) of the process.
</para>
411 <para><function>sd_bus_creds_get_audit_session_id()
</function>
412 will retrieve the audit session identifier of the process. Returns
413 -ENXIO for processes that are not part of an audit session.
</para>
415 <para><function>sd_bus_creds_get_audit_login_uid()
</function> will
416 retrieve the audit user login identifier (the identifier of the
417 user who is
"responsible" for the session). Returns -ENXIO for
418 processes that are not part of an audit session.
</para>
420 <para><function>sd_bus_creds_get_tty()
</function> will retrieve
421 the controlling TTY, without the prefixing
"/dev/". Returns -ENXIO
422 for processes that have no controlling TTY.
</para>
424 <para><function>sd_bus_creds_get_unique_name()
</function> will
425 retrieve the D-Bus unique name. See
<ulink
426 url=
"http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus">The
427 D-Bus specification
</ulink>.
</para>
429 <para><function>sd_bus_creds_get_well_known_names()
</function> will
430 retrieve the set of D-Bus well-known names. See
<ulink
431 url=
"http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus">The
432 D-Bus specification
</ulink>.
</para>
434 <para><function>sd_bus_creds_get_description()
</function> will
435 retrieve a descriptive name of the bus connection of the
436 peer. This name is useful to discern multiple bus connections by
437 the same peer, and may be altered by the peer with the
438 <citerefentry><refentrytitle>sd_bus_set_description
</refentrytitle><manvolnum>3</manvolnum></citerefentry>
441 <para>All functions that take a
<parameter>const
442 char**
</parameter> parameter will store the answer there as an
443 address of a NUL-terminated string. It will be valid as long as
444 <parameter>c
</parameter> remains valid, and should not be freed or
445 modified by the caller.
</para>
447 <para>All functions that take a
<parameter>char***
</parameter>
448 parameter will store the answer there as an address of an array
449 of strings. Each individual string is NUL-terminated, and the
450 array is NULL-terminated as a whole. It will be valid as long as
451 <parameter>c
</parameter> remains valid, and should not be freed or
452 modified by the caller.
</para>
456 <title>Return Value
</title>
458 <para>On success, these calls return
0 or a positive integer. On
459 failure, these calls return a negative errno-style error code.
464 <title>Errors
</title>
466 <para>Returned errors may indicate the following problems:
</para>
470 <term><constant>-ENODATA
</constant></term>
472 <listitem><para>The given field is not available in the
473 credentials object
<parameter>c
</parameter>.
</para>
478 <term><constant>-ENXIO
</constant></term>
480 <listitem><para>The given field is not specified for the described
481 process or peer. This will be returned by
482 <function>sd_bus_creds_get_unit()
</function>,
483 <function>sd_bus_creds_get_slice()
</function>,
484 <function>sd_bus_creds_get_user_unit()
</function>,
485 <function>sd_bus_creds_get_user_slice()
</function>, and
486 <function>sd_bus_creds_get_session()
</function> if the process is
487 not part of a systemd system unit, systemd user unit, systemd
488 slice, or logind session. It will be returned by
489 <function>sd_bus_creds_get_owner_uid()
</function> if the process is
490 not part of a systemd user unit or logind session. It will also be
491 returned by
<function>sd_bus_creds_get_exe()
</function> and
492 <function>sd_bus_creds_get_cmdline()
</function> for kernel
493 threads (since these are not started from an executable binary,
494 nor have a command line), and by
495 <function>sd_bus_creds_get_audit_session_id()
</function> and
496 <function>sd_bus_creds_get_audit_login_uid()
</function> when
497 the process is not part of an audit session, and
498 <function>sd_bus_creds_get_tty()
</function> if the process has
505 <term><constant>-EINVAL
</constant></term>
507 <listitem><para>Specified pointer parameter is
<constant>NULL
</constant>.
512 <term><constant>-ENOMEM
</constant></term>
514 <listitem><para>Memory allocation failed.
</para></listitem>
519 <xi:include href=
"libsystemd-pkgconfig.xml" />
522 <title>See Also
</title>
525 <citerefentry><refentrytitle>systemd
</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
526 <citerefentry><refentrytitle>sd-bus
</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
527 <citerefentry><refentrytitle>sd_bus_creds_new_from_pid
</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
528 <citerefentry project='man-pages'
><refentrytitle>fork
</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
529 <citerefentry project='man-pages'
><refentrytitle>execve
</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
530 <citerefentry project='man-pages'
><refentrytitle>credentials
</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
531 <citerefentry project='man-pages'
><refentrytitle>free
</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
532 <citerefentry project='man-pages'
><refentrytitle>proc
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
533 <citerefentry><refentrytitle>systemd.journal-fields
</refentrytitle><manvolnum>7</manvolnum></citerefentry>