sd_bus_creds_get_pid, sd_bus_creds_get_pid_starttime, sd_bus_creds_get_tid, sd_bus_creds_get_uid, sd_bus_creds_get_gid, sd_bus_creds_get_comm, sd_bus_creds_get_tid_comm, sd_bus_creds_get_exe, sd_bus_creds_get_cmdline, sd_bus_creds_get_cgroup, sd_bus_creds_get_unit, sd_bus_creds_get_user_unit, sd_bus_creds_get_slice, sd_bus_creds_get_session, sd_bus_creds_get_owner_uid, sd_bus_creds_has_effective_cap, sd_bus_creds_has_permitted_cap, sd_bus_creds_has_inheritable_cap, sd_bus_creds_has_bounding_cap, sd_bus_creds_get_selinux_context, sd_bus_creds_get_audit_session_id, sd_bus_creds_get_audit_login_uid, sd_bus_creds_get_unique_name, sd_bus_creds_get_well_known_names — Retrieve fields from a credentials object
#include <systemd/sd-bus.h>
int sd_bus_creds_get_pid( | sd_bus_creds *c, |
pid_t *pid); |
int sd_bus_creds_get_pid_starttime( | sd_bus_creds *c, |
uint64_t *usec); |
int sd_bus_creds_get_tid( | sd_bus_creds *c, |
pid_t *tid); |
int sd_bus_creds_get_pid( | sd_bus_creds *c, |
uid_t *uid); |
int sd_bus_creds_get_gid( | sd_bus_creds *c, |
gid_t *gid); |
int sd_bus_creds_get_comm( | sd_bus_creds *c, |
const char **comm); |
int sd_bus_creds_get_tid_comm( | sd_bus_creds *c, |
const char **comm); |
int sd_bus_creds_get_exe( | sd_bus_creds *c, |
const char **exe); |
int sd_bus_creds_get_cmdline( | sd_bus_creds *c, |
char ***cmdline); |
int sd_bus_creds_get_cgroup( | sd_bus_creds *c, |
const char **cgroup); |
int sd_bus_creds_get_unit( | sd_bus_creds *c, |
const char **unit); |
int sd_bus_creds_get_user_unit( | sd_bus_creds *c, |
const char **unit); |
int sd_bus_creds_get_slice( | sd_bus_creds *c, |
const char **slice); |
int sd_bus_creds_get_session( | sd_bus_creds *c, |
const char **slice); |
int sd_bus_creds_get_owner_uid( | sd_bus_creds *c, |
uid_t *uid); |
int sd_bus_creds_has_effective_cap( | sd_bus_creds *c, |
int capability); |
int sd_bus_creds_has_permitted_cap( | sd_bus_creds *c, |
int capability); |
int sd_bus_creds_has_inheritable_cap( | sd_bus_creds *c, |
int capability); |
int sd_bus_creds_has_bounding_cap( | sd_bus_creds *c, |
int capability); |
int sd_bus_creds_get_selinux_context( | sd_bus_creds *c, |
const char **context); |
int sd_bus_creds_get_audit_session_id( | sd_bus_creds *c, |
uint32_t *sessionid); |
int sd_bus_creds_get_audit_login_uid( | sd_bus_creds *c, |
uid_t *loginuid); |
int sd_bus_creds_get_unique_name( | sd_bus_creds *c, |
const char **name); |
int sd_bus_creds_get_well_known_names( | sd_bus_creds *c, |
char ***name); |
These functions return information from an
sd_bus_creds object. It may be created with
sd_bus_creds_new_from_pid(3),
in which case it will describe the specified process, or it may be
created by
sd_bus_get_peer_creds(3),
in which case it will describe the process at the other endpoint
of a connection.
sd_bus_creds_get_pid will retrieve the
PID (process identifier).
sd_bus_creds_get_pid_starttime will
retrieve the time since the start of the epoch in microseconds
since the process was started.
sd_bus_creds_get_tid will retrieve the
TID (thread identifier).
sd_bus_creds_get_uid will retrieve the
numeric UID (user identifier).
sd_bus_creds_get_gid will retrieve the
numeric GID (group identifier).
sd_bus_creds_get_comm will retrieve the
comm field (truncated name of the executable, as stored in
/proc/).
pid/comm
sd_bus_creds_get_tid_comm will retrieve
the comm field of the thread (as stored in
/proc/).
pid/task/tid/comm
sd_bus_creds_get_exe will retrieve the
path to the program (as stored in the
/proc/
link, but with "pid/exe (deleted)" suffix removed).
sd_bus_creds_get_cmdline will retrieve
an array of command-line arguments (as stored in
/proc/).
pid/cmdline
sd_bus_creds_get_cgroup will retrieve
the cgroup path. See cgroups.txt.
sd_bus_creds_get_unit will retrieve the
systemd unit name (in the system instance of systemd) that the
process is part of. See
systemd.unit(5).
sd_bus_creds_get_user_unit will
retrieve the systemd unit name (in the user instance of systemd)
that the process is part of. See
systemd.unit(5).
sd_bus_creds_get_slice will retrieve
the systemd slice (a unit in the system instance of systemd) that
the process is part of. See
systemd.slice(5).
sd_bus_creds_get_session will retrieve
the logind session that the process is part of. See
systemd-logind.service(8).
sd_bus_creds_get_owner_uid will retrieve
the numeric UID (user identifier) of the user who owns the slice
that the process is part of. See
systemd.slice(5)
.
sd_bus_creds_has_effective_cap will
check whether the capability specified by
capability was set in the effective
capabilities mask. A positive return value means that is was
set, zero means that it was not set, and a negative return
value signifies an error. See
capabilities(7)
and Capabilities= and
CapabilityBoundingSet= settings in
systemd.exec(5).
sd_bus_creds_has_permitted_cap is
similar to sd_bus_creds_has_effective_cap,
but will check the permitted capabilities mask.
sd_bus_creds_has_inheritable_cap is
similar to sd_bus_creds_has_effective_cap,
but will check the inheritable capabilities mask.
sd_bus_creds_has_bounding_cap is
similar to sd_bus_creds_has_effective_cap,
but will check the bounding capabilities mask.
sd_bus_creds_get_selinux_context will
retrieve the SELinux security context (label) of the process.
sd_bus_creds_get_audit_session_id will
retrieve the audit session identifier of the process.
sd_bus_creds_get_audit_login_uid will
retrieve the audit user login identifier (the identifier of the
user who is "responsible" for the session).
sd_bus_creds_get_unique_name will
retrieve the D-Bus unique name. See The
D-Bus specification.
sd_bus_creds_get_well_known_names will
retrieve the set of D-Bus well-known names. See The
D-Bus specification.
All functions that take a const
char** parameter will store the answer there as an
address of a NUL-terminated string. It will be valid as long as
c remains valid, and should not be freed or
modified by the caller.
All functions that take a char***
parameter will store the answer there as an address of a an array
of strings. Each invidividual string is NUL-terminated, and the
array is NULL-terminated as a whole. It will be valid as long as
c remains valid, and should not be freed or
modified by the caller.
On success, these calls return 0 or a positive integer. On failure, these calls return a negative errno-style error code.
Returned errors may indicate the following problems:
-ENODATA¶Given field is not available in
c.
-ENOENT¶Given field is not specified for the sender.
This will be returned by sd_bus_get_unit,
sd_bus_get_user_unit,
sd_bus_get_slice,
sd_bus_get_session, and
sd_bus_get_owner_uid if the sender is not
part of a systemd system unit, systemd user unit, systemd
slice, logind session, or a systemd user session.
-ENXIO¶An error occured in parsing cgroup paths.
libsystemd might be out of sync with
the running systemd version.
-EINVAL¶Specified pointer parameter is NULL.
-ENOMEM¶Memory allocation failed.
sd_bus_open_user() and other functions
described here are available as a shared library, which can be
compiled and linked to with the
libsystemd pkg-config(1)
file.
systemd(1), sd-bus(3), credentials(7), fork(2), execve(2), free(3), proc(5), systemd.journald-fields(7)