sd_bus_creds_has_inheritable_cap.html 22.2 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>sd_bus_creds_get_pid</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><style>
    a.headerlink {
      color: #c60f0f;
      font-size: 0.8em;
      padding: 0 4px 0 4px;
      text-decoration: none;
      visibility: hidden;
    }

    a.headerlink:hover {
      background-color: #c60f0f;
      color: white;
    }

    h1:hover > a.headerlink, h2:hover > a.headerlink, h3:hover > a.headerlink, dt:hover > a.headerlink {
      visibility: visible;
    }
  </style><a href="index.html">Index </a>·
  <a href="systemd.directives.html">Directives </a>·
  <a href="../python-systemd/index.html">Python </a>·
  <a href="../libudev/index.html">libudev </a>·
22
  <a href="../libudev/index.html">gudev </a><span style="float:right">systemd 215</span><hr><div class="refentry"><a name="sd_bus_creds_get_pid"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>sd_bus_creds_get_pid, sd_bus_creds_get_pid_starttime, sd_bus_creds_get_tid, sd_bus_creds_get_uid, sd_bus_creds_get_gid, sd_bus_creds_get_comm, sd_bus_creds_get_tid_comm, sd_bus_creds_get_exe, sd_bus_creds_get_cmdline, sd_bus_creds_get_cgroup, sd_bus_creds_get_unit, sd_bus_creds_get_user_unit, sd_bus_creds_get_slice, sd_bus_creds_get_session, sd_bus_creds_get_owner_uid, sd_bus_creds_has_effective_cap, sd_bus_creds_has_permitted_cap, sd_bus_creds_has_inheritable_cap, sd_bus_creds_has_bounding_cap, sd_bus_creds_get_selinux_context, sd_bus_creds_get_audit_session_id, sd_bus_creds_get_audit_login_uid, sd_bus_creds_get_unique_name, sd_bus_creds_get_well_known_names — Retrieve fields from a credentials object</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><div class="funcsynopsis"><pre class="funcsynopsisinfo">#include &lt;systemd/sd-bus.h&gt;</pre><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_pid</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>pid_t *<var class="pdparam">pid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_pid_starttime</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>uint64_t *<var class="pdparam">usec</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_tid</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>pid_t *<var class="pdparam">tid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_pid</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>uid_t *<var class="pdparam">uid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_gid</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>gid_t *<var class="pdparam">gid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_comm</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">comm</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_tid_comm</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">comm</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_exe</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">exe</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_cmdline</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>char ***<var class="pdparam">cmdline</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_cgroup</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">cgroup</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_unit</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">unit</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_user_unit</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">unit</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_slice</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">slice</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_session</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">slice</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_owner_uid</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>uid_t *<var class="pdparam">uid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_has_effective_cap</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>int <var class="pdparam">capability</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_has_permitted_cap</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>int <var class="pdparam">capability</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_has_inheritable_cap</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>int <var class="pdparam">capability</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_has_bounding_cap</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>int <var class="pdparam">capability</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_selinux_context</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">context</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_audit_session_id</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>uint32_t *<var class="pdparam">sessionid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_audit_login_uid</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>uid_t *<var class="pdparam">loginuid</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_unique_name</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>const char **<var class="pdparam">name</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div><table border="0" class="funcprototype-table" summary="Function synopsis" style="cellspacing: 0; cellpadding: 0;"><tr><td><code class="funcdef">int <b class="fsfunc">sd_bus_creds_get_well_known_names</b>(</code></td><td>sd_bus_creds *<var class="pdparam">c</var>, </td></tr><tr><td> </td><td>char ***<var class="pdparam">name</var><code>)</code>;</td></tr></table><div class="funcprototype-spacer"> </div></div></div><div class="refsect1"><a name="idm214195952656"></a><h2 id="Description">Description<a class="headerlink" title="Permalink to this headline" href="#Description"></a></h2><p>These functions return information from an
23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
    <em class="parameter"><code>sd_bus_creds</code></em> object. It may be created with
    <a href="sd_bus_creds_new_from_pid.html"><span class="citerefentry"><span class="refentrytitle">sd_bus_creds_new_from_pid</span>(3)</span></a>,
    in which case it will describe the specified process, or it may be
    created by
    <a href="sd_bus_get_peer_creds.html"><span class="citerefentry"><span class="refentrytitle">sd_bus_get_peer_creds</span>(3)</span></a>,
    in which case it will describe the process at the other endpoint
    of a connection.
    </p><p><code class="function">sd_bus_creds_get_pid</code> will retrieve the
    PID (process identifier).</p><p><code class="function">sd_bus_creds_get_pid_starttime</code> will
    retrieve the time since the start of the epoch in microseconds
    since the process was started.</p><p><code class="function">sd_bus_creds_get_tid</code> will retrieve the
    TID (thread identifier).</p><p><code class="function">sd_bus_creds_get_uid</code> will retrieve the
    numeric UID (user identifier).</p><p><code class="function">sd_bus_creds_get_gid</code> will retrieve the
    numeric GID (group identifier).</p><p><code class="function">sd_bus_creds_get_comm</code> will retrieve the
    comm field (truncated name of the executable, as stored in
    <code class="filename">/proc/<em class="replaceable"><code>pid</code></em>/comm</code>).
    </p><p><code class="function">sd_bus_creds_get_tid_comm</code> will retrieve
    the comm field of the thread (as stored in
    <code class="filename">/proc/<em class="replaceable"><code>pid</code></em>/task/<em class="replaceable"><code>tid</code></em>/comm</code>).
    </p><p><code class="function">sd_bus_creds_get_exe</code> will retrieve the
    path to the program (as stored in the
    <code class="filename">/proc/<em class="replaceable"><code>pid</code></em>/exe</code>
    link, but with "<code class="literal"> (deleted)</code>" suffix removed).
    </p><p><code class="function">sd_bus_creds_get_cmdline</code> will retrieve
    an array of command-line arguments (as stored in
    <code class="filename">/proc/<em class="replaceable"><code>pid</code></em>/cmdline</code>).
    </p><p><code class="function">sd_bus_creds_get_cgroup</code> will retrieve
    the cgroup path. See <a class="ulink" href="https://www.kernel.org/doc/Documentation/cgroups/cgroups.txt" target="_top">cgroups.txt</a>.
    </p><p><code class="function">sd_bus_creds_get_unit</code> will retrieve the
    systemd unit name (in the system instance of systemd) that the
    process is part of. See
    <a href="systemd.unit.html"><span class="citerefentry"><span class="refentrytitle">systemd.unit</span>(5)</span></a>.
    </p><p><code class="function">sd_bus_creds_get_user_unit</code> will
    retrieve the systemd unit name (in the user instance of systemd)
    that the process is part of. See
    <a href="systemd.unit.html"><span class="citerefentry"><span class="refentrytitle">systemd.unit</span>(5)</span></a>.
    </p><p><code class="function">sd_bus_creds_get_slice</code> will retrieve
    the systemd slice (a unit in the system instance of systemd) that
    the process is part of. See
    <a href="systemd.slice.html"><span class="citerefentry"><span class="refentrytitle">systemd.slice</span>(5)</span></a>.
    </p><p><code class="function">sd_bus_creds_get_session</code> will retrieve
    the logind session that the process is part of. See
    <a href="systemd-logind.service.html"><span class="citerefentry"><span class="refentrytitle">systemd-logind.service</span>(8)</span></a>.
    </p><p><code class="function">sd_bus_creds_get_owner_uid</code> will retrieve
    the numeric UID (user identifier) of the user who owns the slice
    that the process is part of. See
    <a href="systemd.slice.html"><span class="citerefentry"><span class="refentrytitle">systemd.slice</span>(5)</span></a>
    .
    </p><p><code class="function">sd_bus_creds_has_effective_cap</code> will
    check whether the capability specified by
    <em class="parameter"><code>capability</code></em> was set in the effective
    capabilities mask. A positive return value means that is was
    set, zero means that it was not set, and a negative return
    value signifies an error. See
    <a href="capabilities.html"><span class="citerefentry"><span class="refentrytitle">capabilities</span>(7)</span></a>
    and <code class="varname">Capabilities=</code> and
    <code class="varname">CapabilityBoundingSet=</code> settings in
    <a href="systemd.exec.html"><span class="citerefentry"><span class="refentrytitle">systemd.exec</span>(5)</span></a>.
    </p><p><code class="function">sd_bus_creds_has_permitted_cap</code> is
    similar to <code class="function">sd_bus_creds_has_effective_cap</code>,
    but will check the permitted capabilities mask.</p><p><code class="function">sd_bus_creds_has_inheritable_cap</code> is
    similar to <code class="function">sd_bus_creds_has_effective_cap</code>,
    but will check the inheritable capabilities mask.</p><p><code class="function">sd_bus_creds_has_bounding_cap</code> is
    similar to <code class="function">sd_bus_creds_has_effective_cap</code>,
    but will check the bounding capabilities mask.</p><p><code class="function">sd_bus_creds_get_selinux_context</code> will
    retrieve the SELinux security context (label) of the process.</p><p><code class="function">sd_bus_creds_get_audit_session_id</code> will
    retrieve the audit session identifier of the process.</p><p><code class="function">sd_bus_creds_get_audit_login_uid</code> will
    retrieve the audit user login identifier (the identifier of the
    user who is "responsible" for the session).</p><p><code class="function">sd_bus_creds_get_unique_name</code> will
    retrieve the D-Bus unique name. See <a class="ulink" href="http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus" target="_top">The
    D-Bus specification</a>.</p><p><code class="function">sd_bus_creds_get_well_known_names</code> will
    retrieve the set of D-Bus well-known names. See <a class="ulink" href="http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus" target="_top">The
    D-Bus specification</a>.</p><p>All functions that take a <em class="parameter"><code>const
    char**</code></em> parameter will store the answer there as an
    address of a NUL-terminated string. It will be valid as long as
    <em class="parameter"><code>c</code></em> remains valid, and should not be freed or
    modified by the caller.</p><p>All functions that take a <em class="parameter"><code>char***</code></em>
    parameter will store the answer there as an address of a an array
    of strings. Each invidividual string is NUL-terminated, and the
    array is NULL-terminated as a whole. It will be valid as long as
    <em class="parameter"><code>c</code></em> remains valid, and should not be freed or
104
    modified by the caller.</p></div><div class="refsect1"><a name="idm214195728128"></a><h2 id="Return Value">Return Value<a class="headerlink" title="Permalink to this headline" href="#Return%20Value"></a></h2><p>On success, these calls return 0 or a positive integer. On
105
    failure, these calls return a negative errno-style error code.
106
    </p></div><div class="refsect1"><a name="idm214195726800"></a><h2 id="Errors">Errors<a class="headerlink" title="Permalink to this headline" href="#Errors"></a></h2><p>Returned errors may indicate the following problems:</p><div class="variablelist"><dl class="variablelist"><dt id="-ENODATA"><span class="term"><code class="varname">-ENODATA</code></span><a class="headerlink" title="Permalink to this term" href="#-ENODATA"></a></dt><dd><p>Given field is not available in
107 108 109 110 111 112 113 114 115 116
        <em class="parameter"><code>c</code></em>.</p></dd><dt id="-ENOENT"><span class="term"><code class="varname">-ENOENT</code></span><a class="headerlink" title="Permalink to this term" href="#-ENOENT"></a></dt><dd><p>Given field is not specified for the sender.
        This will be returned by <code class="function">sd_bus_get_unit</code>,
        <code class="function">sd_bus_get_user_unit</code>,
        <code class="function">sd_bus_get_slice</code>,
        <code class="function">sd_bus_get_session</code>, and
        <code class="function">sd_bus_get_owner_uid</code> if the sender is not
        part of a systemd system unit, systemd user unit, systemd
        slice, logind session, or a systemd user session.</p></dd><dt id="-ENXIO"><span class="term"><code class="varname">-ENXIO</code></span><a class="headerlink" title="Permalink to this term" href="#-ENXIO"></a></dt><dd><p>An error occured in parsing cgroup paths.
        <code class="filename">libsystemd</code> might be out of sync with
        the running systemd version.</p></dd><dt id="-EINVAL"><span class="term"><code class="varname">-EINVAL</code></span><a class="headerlink" title="Permalink to this term" href="#-EINVAL"></a></dt><dd><p>Specified pointer parameter is <code class="constant">NULL</code>.
117
        </p></dd><dt id="-ENOMEM"><span class="term"><code class="varname">-ENOMEM</code></span><a class="headerlink" title="Permalink to this term" href="#-ENOMEM"></a></dt><dd><p>Memory allocation failed.</p></dd></dl></div></div><div class="refsect1"><a name="idm214199611568"></a><h2 id="Notes">Notes<a class="headerlink" title="Permalink to this headline" href="#Notes"></a></h2><p><code class="function">sd_bus_open_user()</code> and other functions
118 119 120
    described here are available as a shared library, which can be
    compiled and linked to with the
    <code class="constant">libsystemd</code> <a href="pkg-config.html"><span class="citerefentry"><span class="refentrytitle">pkg-config</span>(1)</span></a>
121
    file.</p></div><div class="refsect1"><a name="idm214199608400"></a><h2 id="See Also">See Also<a class="headerlink" title="Permalink to this headline" href="#See%20Also"></a></h2><p>
122 123 124 125 126 127 128 129 130
      <a href="systemd.html"><span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span></a>,
      <a href="sd-bus.html"><span class="citerefentry"><span class="refentrytitle">sd-bus</span>(3)</span></a>,
      <a href="credentials.html"><span class="citerefentry"><span class="refentrytitle">credentials</span>(7)</span></a>,
      <a href="fork.html"><span class="citerefentry"><span class="refentrytitle">fork</span>(2)</span></a>,
      <a href="execve.html"><span class="citerefentry"><span class="refentrytitle">execve</span>(2)</span></a>,
      <a href="free.html"><span class="citerefentry"><span class="refentrytitle">free</span>(3)</span></a>,
      <a href="proc.html"><span class="citerefentry"><span class="refentrytitle">proc</span>(5)</span></a>,
      <a href="systemd.journald-fields.html"><span class="citerefentry"><span class="refentrytitle">systemd.journald-fields</span>(7)</span></a>
    </p></div></div></body></html>