-<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
-<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
-"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
-
-<!--
- SPDX-License-Identifier: LGPL-2.1+
--->
+<?xml version='1.0'?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+ "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+<!-- SPDX-License-Identifier: LGPL-2.1+ -->
<refentry id="sd_bus_creds_get_pid" xmlns:xi="http://www.w3.org/2001/XInclude">
<refentryinfo>
<title>sd_bus_creds_get_pid</title>
<productname>systemd</productname>
-
- <authorgroup>
- <author>
- <contrib>A monkey with a typewriter</contrib>
- <firstname>Zbigniew</firstname>
- <surname>Jędrzejewski-Szmek</surname>
- <email>zbyszek@in.waw.pl</email>
- </author>
- </authorgroup>
</refentryinfo>
<refmeta>
<filename>/proc/<replaceable>pid</replaceable>/task/<replaceable>tid</replaceable>/comm</filename>).
</para>
- <para><function>sd_bus_creds_get_exe()</function> will retrieve
- the path to the program executable (as stored in the
- <filename>/proc/<replaceable>pid</replaceable>/exe</filename>
- link, but with the <literal> (deleted)</literal> suffix removed). Note
- that kernel threads do not have an executable path, in which case
- -ENXIO is returned.</para>
+ <para><function>sd_bus_creds_get_exe()</function> will retrieve the path to the program executable (as
+ stored in the <filename>/proc/<replaceable>pid</replaceable>/exe</filename> link, but with the <literal>
+ (deleted)</literal> suffix removed). Note that kernel threads do not have an executable path, in which
+ case -ENXIO is returned. Note that this property should not be used for more than explanatory
+ information, in particular it should not be used for security-relevant decisions. That's because the
+ executable might have been replaced or removed by the time the value can be processed. Moreover, the
+ kernel exports this information in an ambiguous way (i.e. a deleted executable cannot be safely
+ distinguished from one whose name suffix is <literal> (deleted)</literal>).</para>
<para><function>sd_bus_creds_get_cmdline()</function> will
retrieve an array of command line arguments (as stored in
<para>On success, these calls return 0 or a positive integer. On
failure, these calls return a negative errno-style error code.
</para>
- </refsect1>
- <refsect1>
- <title>Errors</title>
-
- <para>Returned errors may indicate the following problems:</para>
-
- <variablelist>
- <varlistentry>
- <term><constant>-ENODATA</constant></term>
-
- <listitem><para>The given field is not available in the
- credentials object <parameter>c</parameter>.</para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><constant>-ENXIO</constant></term>
-
- <listitem><para>The given field is not specified for the described
- process or peer. This will be returned by
- <function>sd_bus_creds_get_unit()</function>,
- <function>sd_bus_creds_get_slice()</function>,
- <function>sd_bus_creds_get_user_unit()</function>,
- <function>sd_bus_creds_get_user_slice()</function>, and
- <function>sd_bus_creds_get_session()</function> if the process is
- not part of a systemd system unit, systemd user unit, systemd
- slice, or logind session. It will be returned by
- <function>sd_bus_creds_get_owner_uid()</function> if the process is
- not part of a systemd user unit or logind session. It will also be
- returned by <function>sd_bus_creds_get_exe()</function> and
- <function>sd_bus_creds_get_cmdline()</function> for kernel
- threads (since these are not started from an executable binary,
- nor have a command line), and by
- <function>sd_bus_creds_get_audit_session_id()</function> and
- <function>sd_bus_creds_get_audit_login_uid()</function> when
- the process is not part of an audit session, and
- <function>sd_bus_creds_get_tty()</function> if the process has
- no controlling TTY.
- </para>
- </listitem>
- </varlistentry>
-
- <varlistentry>
- <term><constant>-EINVAL</constant></term>
-
- <listitem><para>Specified pointer parameter is <constant>NULL</constant>.
- </para></listitem>
- </varlistentry>
-
- <varlistentry>
- <term><constant>-ENOMEM</constant></term>
-
- <listitem><para>Memory allocation failed.</para></listitem>
- </varlistentry>
- </variablelist>
+ <refsect2>
+ <title>Errors</title>
+
+ <para>Returned errors may indicate the following problems:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term><constant>-ENODATA</constant></term>
+
+ <listitem><para>The given field is not available in the credentials object
+ <parameter>c</parameter>.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><constant>-ENXIO</constant></term>
+
+ <listitem><para>The given field is not specified for the described process or peer. This will be
+ returned by <function>sd_bus_creds_get_unit()</function>,
+ <function>sd_bus_creds_get_slice()</function>, <function>sd_bus_creds_get_user_unit()</function>,
+ <function>sd_bus_creds_get_user_slice()</function>, and
+ <function>sd_bus_creds_get_session()</function> if the process is not part of a systemd system
+ unit, systemd user unit, systemd slice, or logind session. It will be returned by
+ <function>sd_bus_creds_get_owner_uid()</function> if the process is not part of a systemd user unit
+ or logind session. It will also be returned by <function>sd_bus_creds_get_exe()</function> and
+ <function>sd_bus_creds_get_cmdline()</function> for kernel threads (since these are not started
+ from an executable binary, nor have a command line), and by
+ <function>sd_bus_creds_get_audit_session_id()</function> and
+ <function>sd_bus_creds_get_audit_login_uid()</function> when the process is not part of an audit
+ session, and <function>sd_bus_creds_get_tty()</function> if the process has no controlling
+ TTY.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><constant>-EINVAL</constant></term>
+
+ <listitem><para>Specified pointer parameter is <constant>NULL</constant>.</para></listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><constant>-ENOMEM</constant></term>
+
+ <listitem><para>Memory allocation failed.</para></listitem>
+ </varlistentry>
+ </variablelist>
+ </refsect2>
</refsect1>
<xi:include href="libsystemd-pkgconfig.xml" />