1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
|
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>sd_bus_creds_get_pid</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><style>
a.headerlink {
color: #c60f0f;
font-size: 0.8em;
padding: 0 4px 0 4px;
text-decoration: none;
visibility: hidden;
}
a.headerlink:hover {
background-color: #c60f0f;
color: white;
}
h1:hover > a.headerlink, h2:hover > a.headerlink, h3:hover > a.headerlink, dt:hover > a.headerlink {
visibility: visible;
}
</style><a href="index.html">Index </a>·
<a href="systemd.directives.html">Directives </a>·
<a href="../python-systemd/index.html">Python </a>·
<a href="../libudev/index.html">libudev </a>·
<a href="../libudev/index.html">gudev </a><span style="float:right">systemd 219</span><hr><div class="refentry"><a name="sd_bus_creds_get_pid"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>sd_bus_creds_get_pid, sd_bus_creds_get_tid, sd_bus_creds_get_uid, sd_bus_creds_get_gid, sd_bus_creds_get_comm, sd_bus_creds_get_tid_comm, sd_bus_creds_get_exe, sd_bus_creds_get_cmdline, sd_bus_creds_get_cgroup, sd_bus_creds_get_unit, sd_bus_creds_get_user_unit, sd_bus_creds_get_slice, sd_bus_creds_get_session, sd_bus_creds_get_owner_uid, sd_bus_creds_has_effective_cap, sd_bus_creds_has_permitted_cap, sd_bus_creds_has_inheritable_cap, sd_bus_creds_has_bounding_cap, sd_bus_creds_get_selinux_context, sd_bus_creds_get_audit_session_id, sd_bus_creds_get_audit_login_uid, sd_bus_creds_get_unique_name, sd_bus_creds_get_well_known_names, sd_bus_creds_get_connection_name — Retrieve fields from a credentials object</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="funcsynopsis"><pre class="funcsynopsisinfo">#include <systemd/sd-bus.h></pre><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_pid</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>pid_t *<var class="pdparam">pid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_tid</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>pid_t *<var class="pdparam">tid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_pid</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>uid_t *<var class="pdparam">uid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_gid</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>gid_t *<var class="pdparam">gid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_comm</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">comm</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_tid_comm</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">comm</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_exe</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">exe</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_cmdline</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>char ***<var class="pdparam">cmdline</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_cgroup</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">cgroup</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_unit</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">unit</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_user_unit</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">unit</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_slice</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">slice</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_session</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">slice</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_owner_uid</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>uid_t *<var class="pdparam">uid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_has_effective_cap</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>int <var class="pdparam">capability</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_has_permitted_cap</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>int <var class="pdparam">capability</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_has_inheritable_cap</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>int <var class="pdparam">capability</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_has_bounding_cap</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>int <var class="pdparam">capability</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_selinux_context</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">context</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_audit_session_id</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>uint32_t *<var class="pdparam">sessionid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_audit_login_uid</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>uid_t *<var class="pdparam">loginuid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_unique_name</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">name</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_well_known_names</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>char ***<var class="pdparam">name</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_connection_name</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">name</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div></div></div><div class="refsect1"><a name="idm139798720989760"></a><h2 id="Description">Description<a class="headerlink" title="Permalink to this headline" href="#Description">¶</a></h2><p>These functions return information from an
<em class="parameter"><code>sd_bus_creds</code></em> object. It may be created with
<a href="sd_bus_creds_new_from_pid.html"><span class="citerefentry"><span class="refentrytitle">sd_bus_creds_new_from_pid</span>(3)</span></a>,
in which case it will describe the specified process, or it may be
created by
<a href="sd_bus_get_owner_creds.html"><span class="citerefentry"><span class="refentrytitle">sd_bus_get_owner_creds</span>(3)</span></a>,
in which case it will describe the process at the other endpoint
of a connection.
</p><p><code class="function">sd_bus_creds_get_pid()</code> will retrieve the
PID (process identifier).</p><p><code class="function">sd_bus_creds_get_tid()</code> will retrieve the
TID (thread identifier).</p><p><code class="function">sd_bus_creds_get_uid()</code> will retrieve the
numeric UID (user identifier).</p><p><code class="function">sd_bus_creds_get_gid()</code> will retrieve the
numeric GID (group identifier).</p><p><code class="function">sd_bus_creds_get_comm()</code> will retrieve the
comm field (truncated name of the executable, as stored in
<code class="filename">/proc/<em class="replaceable"><code>pid</code></em>/comm</code>).
</p><p><code class="function">sd_bus_creds_get_tid_comm()</code> will retrieve
the comm field of the thread (as stored in
<code class="filename">/proc/<em class="replaceable"><code>pid</code></em>/task/<em class="replaceable"><code>tid</code></em>/comm</code>).
</p><p><code class="function">sd_bus_creds_get_exe()</code> will retrieve the
path to the program (as stored in the
<code class="filename">/proc/<em class="replaceable"><code>pid</code></em>/exe</code>
link, but with "<code class="literal"> (deleted)</code>" suffix removed).
</p><p><code class="function">sd_bus_creds_get_cmdline()</code> will retrieve
an array of command line arguments (as stored in
<code class="filename">/proc/<em class="replaceable"><code>pid</code></em>/cmdline</code>).
</p><p><code class="function">sd_bus_creds_get_cgroup()</code> will retrieve
the cgroup path. See <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/cgroups.txt" target="_top">cgroups.txt</a>.
</p><p><code class="function">sd_bus_creds_get_unit()</code> will retrieve the
systemd unit name (in the system instance of systemd) that the
process is part of. See
<a href="systemd.unit.html"><span class="citerefentry"><span class="refentrytitle">systemd.unit</span>(5)</span></a>.
</p><p><code class="function">sd_bus_creds_get_user_unit()</code> will
retrieve the systemd unit name (in the user instance of systemd)
that the process is part of. See
<a href="systemd.unit.html"><span class="citerefentry"><span class="refentrytitle">systemd.unit</span>(5)</span></a>.
</p><p><code class="function">sd_bus_creds_get_slice()</code> will retrieve
the systemd slice (a unit in the system instance of systemd) that
the process is part of. See
<a href="systemd.slice.html"><span class="citerefentry"><span class="refentrytitle">systemd.slice</span>(5)</span></a>.
</p><p><code class="function">sd_bus_creds_get_session()</code> will retrieve
the logind session that the process is part of. See
<a href="systemd-logind.service.html"><span class="citerefentry"><span class="refentrytitle">systemd-logind.service</span>(8)</span></a>.
</p><p><code class="function">sd_bus_creds_get_owner_uid()</code> will retrieve
the numeric UID (user identifier) of the user who owns the slice
that the process is part of. See
<a href="systemd.slice.html"><span class="citerefentry"><span class="refentrytitle">systemd.slice</span>(5)</span></a>
.
</p><p><code class="function">sd_bus_creds_has_effective_cap()</code> will
check whether the capability specified by
<em class="parameter"><code>capability</code></em> was set in the effective
capabilities mask. A positive return value means that is was
set, zero means that it was not set, and a negative return
value signifies an error. See
<a href="http://man7.org/linux/man-pages/man7/capabilities.7.html"><span class="citerefentry"><span class="refentrytitle">capabilities</span>(7)</span></a>
and <code class="varname">Capabilities=</code> and
<code class="varname">CapabilityBoundingSet=</code> settings in
<a href="systemd.exec.html"><span class="citerefentry"><span class="refentrytitle">systemd.exec</span>(5)</span></a>.
</p><p><code class="function">sd_bus_creds_has_permitted_cap()</code> is
similar to <code class="function">sd_bus_creds_has_effective_cap()</code>,
but will check the permitted capabilities mask.</p><p><code class="function">sd_bus_creds_has_inheritable_cap()</code> is
similar to <code class="function">sd_bus_creds_has_effective_cap()</code>,
but will check the inheritable capabilities mask.</p><p><code class="function">sd_bus_creds_has_bounding_cap()</code> is
similar to <code class="function">sd_bus_creds_has_effective_cap()</code>,
but will check the bounding capabilities mask.</p><p><code class="function">sd_bus_creds_get_selinux_context()</code> will
retrieve the SELinux security context (label) of the process.</p><p><code class="function">sd_bus_creds_get_audit_session_id()</code> will
retrieve the audit session identifier of the process.</p><p><code class="function">sd_bus_creds_get_audit_login_uid()</code> will
retrieve the audit user login identifier (the identifier of the
user who is "responsible" for the session).</p><p><code class="function">sd_bus_creds_get_unique_name()</code> will
retrieve the D-Bus unique name. See <a class="ulink" href="http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus" target="_top">The
D-Bus specification</a>.</p><p><code class="function">sd_bus_creds_get_well_known_names()</code> will
retrieve the set of D-Bus well-known names. See <a class="ulink" href="http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus" target="_top">The
D-Bus specification</a>.</p><p><code class="function">sd_bus_creds_get_connection_name()</code> will
retrieve a descriptive name of the bus connection of the
peer. This name is useful to discern multiple bus connections by
the same peer, and may be altered by the peer with the
<a href="sd_bus_set_name().html"><span class="citerefentry"><span class="refentrytitle">sd_bus_set_name()</span>(3)</span></a>
call.</p><p>All functions that take a <em class="parameter"><code>const
char**</code></em> parameter will store the answer there as an
address of a NUL-terminated string. It will be valid as long as
<em class="parameter"><code>c</code></em> remains valid, and should not be freed or
modified by the caller.</p><p>All functions that take a <em class="parameter"><code>char***</code></em>
parameter will store the answer there as an address of a an array
of strings. Each invidividual string is NUL-terminated, and the
array is NULL-terminated as a whole. It will be valid as long as
<em class="parameter"><code>c</code></em> remains valid, and should not be freed or
modified by the caller.</p></div><div class="refsect1"><a name="idm139798720943216"></a><h2 id="Return Value">Return Value<a class="headerlink" title="Permalink to this headline" href="#Return%20Value">¶</a></h2><p>On success, these calls return 0 or a positive integer. On
failure, these calls return a negative errno-style error code.
</p></div><div class="refsect1"><a name="idm139798720941920"></a><h2 id="Errors">Errors<a class="headerlink" title="Permalink to this headline" href="#Errors">¶</a></h2><p>Returned errors may indicate the following problems:</p><div class="variablelist"><dl class="variablelist"><dt id="-ENODATA"><span class="term"><code class="constant">-ENODATA</code></span><a class="headerlink" title="Permalink to this term" href="#-ENODATA">¶</a></dt><dd><p>Given field is not available in
<em class="parameter"><code>c</code></em>.</p></dd><dt id="-ENOENT"><span class="term"><code class="constant">-ENOENT</code></span><a class="headerlink" title="Permalink to this term" href="#-ENOENT">¶</a></dt><dd><p>Given field is not specified for the sender.
This will be returned by <code class="function">sd_bus_get_unit()</code>,
<code class="function">sd_bus_get_user_unit()</code>,
<code class="function">sd_bus_get_slice()</code>,
<code class="function">sd_bus_get_session()</code>, and
<code class="function">sd_bus_get_name_creds_uid()</code> if the sender is not
part of a systemd system unit, systemd user unit, systemd
slice, logind session, or a systemd user session.</p></dd><dt id="-ENXIO"><span class="term"><code class="constant">-ENXIO</code></span><a class="headerlink" title="Permalink to this term" href="#-ENXIO">¶</a></dt><dd><p>An error occurred in parsing cgroup paths.
<code class="filename">libsystemd</code> might be out of sync with
the running systemd version.</p></dd><dt id="-EINVAL"><span class="term"><code class="constant">-EINVAL</code></span><a class="headerlink" title="Permalink to this term" href="#-EINVAL">¶</a></dt><dd><p>Specified pointer parameter is <code class="constant">NULL</code>.
</p></dd><dt id="-ENOMEM"><span class="term"><code class="constant">-ENOMEM</code></span><a class="headerlink" title="Permalink to this term" href="#-ENOMEM">¶</a></dt><dd><p>Memory allocation failed.</p></dd></dl></div></div><div class="refsect1"><a name="idm139798720928000"></a><h2 id="Notes">Notes<a class="headerlink" title="Permalink to this headline" href="#Notes">¶</a></h2><p><code class="function">sd_bus_open_user()</code> and other functions
described here are available as a shared library, which can be
compiled and linked to with the
<code class="constant">libsystemd</code> <a href="http://linux.die.net/man/1/pkg-config"><span class="citerefentry"><span class="refentrytitle">pkg-config</span>(1)</span></a>
file.</p></div><div class="refsect1"><a name="idm139798720924816"></a><h2 id="See Also">See Also<a class="headerlink" title="Permalink to this headline" href="#See%20Also">¶</a></h2><p>
<a href="systemd.html"><span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span></a>,
<a href="sd-bus.html"><span class="citerefentry"><span class="refentrytitle">sd-bus</span>(3)</span></a>,
<a href="http://man7.org/linux/man-pages/man2/fork.2.html"><span class="citerefentry"><span class="refentrytitle">fork</span>(2)</span></a>,
<a href="http://man7.org/linux/man-pages/man2/execve.2.html"><span class="citerefentry"><span class="refentrytitle">execve</span>(2)</span></a>,
<a href="http://man7.org/linux/man-pages/man7/credentials.7.html"><span class="citerefentry"><span class="refentrytitle">credentials</span>(7)</span></a>,
<a href="http://man7.org/linux/man-pages/man3/free.3.html"><span class="citerefentry"><span class="refentrytitle">free</span>(3)</span></a>,
<a href="http://man7.org/linux/man-pages/man5/proc.5.html"><span class="citerefentry"><span class="refentrytitle">proc</span>(5)</span></a>,
<a href="systemd.journald-fields.html"><span class="citerefentry"><span class="refentrytitle">systemd.journald-fields</span>(7)</span></a>
</p></div></div></body></html>
|