<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
-"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
-<!ENTITY % entities SYSTEM "custom-entities.ent" >
-%entities;
-]>
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!--
+ SPDX-License-Identifier: LGPL-2.1+
+
This file is part of systemd.
Copyright 2014 Zbigniew Jędrzejewski-Szmek
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-->
-<refentry id="sd_bus_creds_get_pid" conditional="ENABLE_KDBUS">
+<refentry id="sd_bus_creds_get_pid" xmlns:xi="http://www.w3.org/2001/XInclude">
<refentryinfo>
<title>sd_bus_creds_get_pid</title>
<refname>sd_bus_creds_get_cmdline</refname>
<refname>sd_bus_creds_get_cgroup</refname>
<refname>sd_bus_creds_get_unit</refname>
- <refname>sd_bus_creds_get_user_unit</refname>
<refname>sd_bus_creds_get_slice</refname>
+ <refname>sd_bus_creds_get_user_unit</refname>
+ <refname>sd_bus_creds_get_user_slice</refname>
<refname>sd_bus_creds_get_session</refname>
<refname>sd_bus_creds_get_owner_uid</refname>
<refname>sd_bus_creds_has_effective_cap</refname>
<paramdef>const char **<parameter>unit</parameter></paramdef>
</funcprototype>
+ <funcprototype>
+ <funcdef>int <function>sd_bus_creds_get_slice</function></funcdef>
+ <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
+ <paramdef>const char **<parameter>slice</parameter></paramdef>
+ </funcprototype>
+
<funcprototype>
<funcdef>int <function>sd_bus_creds_get_user_unit</function></funcdef>
<paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
</funcprototype>
<funcprototype>
- <funcdef>int <function>sd_bus_creds_get_slice</function></funcdef>
+ <funcdef>int <function>sd_bus_creds_get_user_slice</function></funcdef>
<paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
<paramdef>const char **<parameter>slice</parameter></paramdef>
</funcprototype>
<refsect1>
<title>Description</title>
- <para>These functions return information from an
- <parameter>sd_bus_creds</parameter> credential object. Credential
- objects may be created with
+ <para>These functions return credential information from an
+ <parameter>sd_bus_creds</parameter> object. Credential objects may
+ be created with
<citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
in which case they describe the credentials of the process
identified by the specified PID, with
in which case they describe the credentials of the creator of a
bus, or with
<citerefentry><refentrytitle>sd_bus_message_get_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
- in which case they describe the credentials of the sender of the message.</para>
+ in which case they describe the credentials of the sender of the
+ message.</para>
+
+ <para>Not all credential fields are part of every
+ <literal>sd_bus_creds</literal> object. Use
+ <citerefentry><refentrytitle>sd_bus_creds_get_mask</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+ to determine the mask of fields available.</para>
<para><function>sd_bus_creds_get_pid()</function> will retrieve
- the PID (process identifier). Similar,
+ the PID (process identifier). Similarly,
<function>sd_bus_creds_get_ppid()</function> will retrieve the
parent PID. Note that PID 1 has no parent process, in which case
-ENXIO is returned.</para>
TID (thread identifier).</para>
<para><function>sd_bus_creds_get_uid()</function> will retrieve
- the numeric UID (user identifier). Similar,
+ the numeric UID (user identifier). Similarly,
<function>sd_bus_creds_get_euid()</function> returns the effective
UID, <function>sd_bus_creds_get_suid()</function> the saved UID
and <function>sd_bus_creds_get_fsuid()</function> the file system
UID.</para>
<para><function>sd_bus_creds_get_gid()</function> will retrieve the
- numeric GID (group identifier). Similar,
+ numeric GID (group identifier). Similarly,
<function>sd_bus_creds_get_egid()</function> returns the effective
GID, <function>sd_bus_creds_get_sgid()</function> the saved GID
and <function>sd_bus_creds_get_fsgid()</function> the file system
<para><function>sd_bus_creds_get_exe()</function> will retrieve
the path to the program executable (as stored in the
<filename>/proc/<replaceable>pid</replaceable>/exe</filename>
- link, but with <literal> (deleted)</literal> suffix removed). Note
+ link, but with the <literal> (deleted)</literal> suffix removed). Note
that kernel threads do not have an executable path, in which case
-ENXIO is returned.</para>
-ENXIO is returned.</para>
<para><function>sd_bus_creds_get_cgroup()</function> will retrieve
- the cgroup path. See <ulink
- url="https://www.kernel.org/doc/Documentation/cgroups/cgroups.txt">cgroups.txt</ulink>.
+ the c
ontrol group path. See <ulink
+ url="https://www.kernel.org/doc/Documentation/cgroup-v1/cgroups.txt">cgroups.txt</ulink>.
</para>
<para><function>sd_bus_creds_get_unit()</function> will retrieve
the systemd unit name (in the system instance of systemd) that the
- process is part of. See
+ process is a part of. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. For
- processes that are not part of a unit returns -ENXIO.
+ processes that are not part of a unit, returns -ENXIO.
</para>
<para><function>sd_bus_creds_get_user_unit()</function> will
retrieve the systemd unit name (in the user instance of systemd)
- that the process is part of. See
+ that the process is a part of. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. For
- processes that are not part of a user unit returns -ENXIO.
+ processes that are not part of a user unit, returns -ENXIO.
</para>
<para><function>sd_bus_creds_get_slice()</function> will retrieve
the systemd slice (a unit in the system instance of systemd) that
- the process is part of. See
- <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ the process is a part of. See
+ <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Similarly,
+ <function>sd_bus_creds_get_user_slice()</function> retrieves the
+ systemd slice of the process, in the user instance of systemd.
</para>
<para><function>sd_bus_creds_get_session()</function> will
- retrieve the logind session that the process is part of. See
- <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. For
- processes that are not part of a session returns -ENXIO.
- </para>
+ retrieve the identifier of the login session that the process is
+ a part of. Please note the login session may be limited to a stub
+ process or two. User processes may instead be started from their
+ systemd user manager, e.g. GUI applications started using DBus
+ activation, as well as service processes which are shared between
+ multiple logins of the same user. For processes that are not part
+ of a session, returns -ENXIO.</para>
<para><function>sd_bus_creds_get_owner_uid()</function> will
retrieve the numeric UID (user identifier) of the user who owns
- the session that the process is part of. See
- <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>
- For processes that are not part of a session returns -ENXIO.
+ the user unit or login session that the process is a part of. See
+ <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
+ For processes that are not part of a user unit or session, returns
+ -ENXIO.
</para>
- <para><function>sd_bus_creds_has_effective_cap()</function> will
- check whether the capability specified by
- <parameter>capability</parameter> was set in the effective
- capabilities mask. A positive return value means that is was
- set, zero means that it was not set, and a negative return
- value signifies an error. See
- <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
- and <varname>Capabilities=</varname> and
- <varname>CapabilityBoundingSet=</varname> settings in
+ <para><function>sd_bus_creds_has_effective_cap()</function> will check whether the capability specified by
+ <parameter>capability</parameter> was set in the effective capabilities mask. A positive return value means that it
+ was set, zero means that it was not set, and a negative return value indicates an error. See <citerefentry
+ project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry> and the
+ <varname>AmbientCapabilities=</varname> and <varname>CapabilityBoundingSet=</varname> settings in
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
</para>
processes that are not part of an audit session.</para>
<para><function>sd_bus_creds_get_tty()</function> will retrieve
- the controlling TTY. Returns -ENXIO for processes that have no
- controlling TTY.</para>
+ the controlling TTY, without the prefixing "/dev/". Returns -ENXIO
+ for processes that have no controlling TTY.</para>
<para><function>sd_bus_creds_get_unique_name()</function> will
retrieve the D-Bus unique name. See <ulink
modified by the caller.</para>
<para>All functions that take a <parameter>char***</parameter>
- parameter will store the answer there as an address of a an array
+ parameter will store the answer there as an address of an array
of strings. Each individual string is NUL-terminated, and the
array is NULL-terminated as a whole. It will be valid as long as
<parameter>c</parameter> remains valid, and should not be freed or
<varlistentry>
<term><constant>-ENODATA</constant></term>
- <listitem><para>Given field is not available in the
+ <listitem><para>The given field is not available in the
credentials object <parameter>c</parameter>.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><constant>-ENXIO</constant></term>
- <listitem><para>Given field is not specified for the described
+ <listitem><para>The given field is not specified for the described
process or peer. This will be returned by
- <function>sd_bus_get_unit()</function>,
- <function>sd_bus_get_user_unit()</function>,
- <function>sd_bus_get_slice()</function>,
- <function>sd_bus_get_session()</function>, and
- <function>sd_bus_get_owner_uid()</function> if the process is
+ <function>sd_bus_creds_get_unit()</function>,
+ <function>sd_bus_creds_get_slice()</function>,
+ <function>sd_bus_creds_get_user_unit()</function>,
+ <function>sd_bus_creds_get_user_slice()</function>, and
+ <function>sd_bus_creds_get_session()</function> if the process is
not part of a systemd system unit, systemd user unit, systemd
- slice, or logind session. It will also be returned by
- <function>sd_bus_creds_get_exe()</function> and
+ slice, or logind session. It will be returned by
+ <function>sd_bus_creds_get_owner_uid()</function> if the process is
+ not part of a systemd user unit or logind session. It will also be
+ returned by <function>sd_bus_creds_get_exe()</function> and
<function>sd_bus_creds_get_cmdline()</function> for kernel
- threads (since these aren't started from an executable binary
- or have a command line),
+ threads (since these are not started from an executable binary,
+ nor have a command line), and by
<function>sd_bus_creds_get_audit_session_id()</function> and
<function>sd_bus_creds_get_audit_login_uid()</function> when
the process is not part of an audit session, and
</variablelist>
</refsect1>
- <refsect1>
- <title>Notes</title>
-
- <para><function>sd_bus_open_user()</function> and other functions
- described here are available as a shared library, which can be
- compiled and linked to with the
- <constant>libsystemd</constant> <citerefentry project='die-net'><refentrytitle>pkg-config</refentrytitle><manvolnum>1</manvolnum></citerefentry>
- file.</para>
- </refsect1>
+ <xi:include href="libsystemd-pkgconfig.xml" />
<refsect1>
<title>See Also</title>
<para>
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>fork</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>execve</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
+ <citerefentry project='man-pages'><refentrytitle>fork</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
+ <citerefentry project='man-pages'><refentrytitle>execve</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>credentials</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>proc</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
projects / thirdparty / systemd.git / blobdiff