sd_bus_creds_get_pid(3) — Linux manual page

NAME | SYNOPSIS | DESCRIPTION | RETURN VALUE | NOTES | HISTORY | SEE ALSO | NOTES | COLOPHON

SD_BUS_CREDS_GET_PID(3)   sd_bus_creds_get_pid   SD_BUS_CREDS_GET_PID(3)

NAME         top

       sd_bus_creds_get_pid, sd_bus_creds_get_ppid,
       sd_bus_creds_get_tid, sd_bus_creds_get_uid,
       sd_bus_creds_get_euid, sd_bus_creds_get_suid,
       sd_bus_creds_get_fsuid, sd_bus_creds_get_gid,
       sd_bus_creds_get_egid, sd_bus_creds_get_sgid,
       sd_bus_creds_get_fsgid, sd_bus_creds_get_supplementary_gids,
       sd_bus_creds_get_comm, sd_bus_creds_get_tid_comm,
       sd_bus_creds_get_exe, sd_bus_creds_get_cmdline,
       sd_bus_creds_get_cgroup, sd_bus_creds_get_unit,
       sd_bus_creds_get_slice, sd_bus_creds_get_user_unit,
       sd_bus_creds_get_user_slice, sd_bus_creds_get_session,
       sd_bus_creds_get_owner_uid, sd_bus_creds_has_effective_cap,
       sd_bus_creds_has_permitted_cap, sd_bus_creds_has_inheritable_cap,
       sd_bus_creds_has_bounding_cap, sd_bus_creds_get_selinux_context,
       sd_bus_creds_get_audit_session_id,
       sd_bus_creds_get_audit_login_uid, sd_bus_creds_get_tty,
       sd_bus_creds_get_unique_name, sd_bus_creds_get_well_known_names,
       sd_bus_creds_get_description - Retrieve fields from a credentials
       object

SYNOPSIS         top

       #include <systemd/sd-bus.h>

       int sd_bus_creds_get_pid(sd_bus_creds *c, pid_t *pid);

       int sd_bus_creds_get_ppid(sd_bus_creds *c, pid_t *ppid);

       int sd_bus_creds_get_tid(sd_bus_creds *c, pid_t *tid);

       int sd_bus_creds_get_uid(sd_bus_creds *c, uid_t *uid);

       int sd_bus_creds_get_euid(sd_bus_creds *c, uid_t *uid);

       int sd_bus_creds_get_suid(sd_bus_creds *c, uid_t *uid);

       int sd_bus_creds_get_fsuid(sd_bus_creds *c, uid_t *uid);

       int sd_bus_creds_get_gid(sd_bus_creds *c, gid_t *gid);

       int sd_bus_creds_get_egid(sd_bus_creds *c, gid_t *gid);

       int sd_bus_creds_get_sgid(sd_bus_creds *c, gid_t *gid);

       int sd_bus_creds_get_fsgid(sd_bus_creds *c, gid_t *gid);

       int sd_bus_creds_get_supplementary_gids(sd_bus_creds *c,
                                               const gid_t **gids);

       int sd_bus_creds_get_comm(sd_bus_creds *c, const char **comm);

       int sd_bus_creds_get_tid_comm(sd_bus_creds *c,
                                     const char **comm);

       int sd_bus_creds_get_exe(sd_bus_creds *c, const char **exe);

       int sd_bus_creds_get_cmdline(sd_bus_creds *c, char ***cmdline);

       int sd_bus_creds_get_cgroup(sd_bus_creds *c,
                                   const char **cgroup);

       int sd_bus_creds_get_unit(sd_bus_creds *c, const char **unit);

       int sd_bus_creds_get_slice(sd_bus_creds *c, const char **slice);

       int sd_bus_creds_get_user_unit(sd_bus_creds *c,
                                      const char **unit);

       int sd_bus_creds_get_user_slice(sd_bus_creds *c,
                                       const char **slice);

       int sd_bus_creds_get_session(sd_bus_creds *c,
                                    const char **slice);

       int sd_bus_creds_get_owner_uid(sd_bus_creds *c, uid_t *uid);

       int sd_bus_creds_has_effective_cap(sd_bus_creds *c,
                                          int capability);

       int sd_bus_creds_has_permitted_cap(sd_bus_creds *c,
                                          int capability);

       int sd_bus_creds_has_inheritable_cap(sd_bus_creds *c,
                                            int capability);

       int sd_bus_creds_has_bounding_cap(sd_bus_creds *c,
                                         int capability);

       int sd_bus_creds_get_selinux_context(sd_bus_creds *c,
                                            const char **context);

       int sd_bus_creds_get_audit_session_id(sd_bus_creds *c,
                                             uint32_t *sessionid);

       int sd_bus_creds_get_audit_login_uid(sd_bus_creds *c,
                                            uid_t *loginuid);

       int sd_bus_creds_get_tty(sd_bus_creds *c, const char **tty);

       int sd_bus_creds_get_unique_name(sd_bus_creds *c,
                                        const char **name);

       int sd_bus_creds_get_well_known_names(sd_bus_creds *c,
                                             char ***name);

       int sd_bus_creds_get_description(sd_bus_creds *c,
                                        const char **name);

DESCRIPTION         top

       These functions return credential information from an
       sd_bus_creds object. Credential objects may be created with
       sd_bus_creds_new_from_pid(3), in which case they describe the
       credentials of the process identified by the specified PID, with
       sd_bus_get_name_creds(3), in which case they describe the
       credentials of a bus peer identified by the specified bus name,
       with sd_bus_get_owner_creds(3), in which case they describe the
       credentials of the creator of a bus, or with
       sd_bus_message_get_creds(3), in which case they describe the
       credentials of the sender of the message.

       Not all credential fields are part of every "sd_bus_creds"
       object. Use sd_bus_creds_get_mask(3) to determine the mask of
       fields available.

       sd_bus_creds_get_pid() will retrieve the PID (process
       identifier). Similarly, sd_bus_creds_get_ppid() will retrieve the
       parent PID. Note that PID 1 has no parent process, in which case
       -ENXIO is returned.

       sd_bus_creds_get_tid() will retrieve the TID (thread identifier).

       sd_bus_creds_get_uid() will retrieve the numeric UID (user
       identifier). Similarly, sd_bus_creds_get_euid() returns the
       effective UID, sd_bus_creds_get_suid() the saved UID and
       sd_bus_creds_get_fsuid() the file system UID.

       sd_bus_creds_get_gid() will retrieve the numeric GID (group
       identifier). Similarly, sd_bus_creds_get_egid() returns the
       effective GID, sd_bus_creds_get_sgid() the saved GID and
       sd_bus_creds_get_fsgid() the file system GID.

       sd_bus_creds_get_supplementary_gids() will retrieve the
       supplementary GIDs list.

       sd_bus_creds_get_comm() will retrieve the comm field (truncated
       name of the executable, as stored in /proc/pid/comm).

       sd_bus_creds_get_tid_comm() will retrieve the comm field of the
       thread (as stored in /proc/pid/task/tid/comm).

       sd_bus_creds_get_exe() will retrieve the path to the program
       executable (as stored in the /proc/pid/exe link, but with the "
       (deleted)" suffix removed). Note that kernel threads do not have
       an executable path, in which case -ENXIO is returned. Note that
       this property should not be used for more than explanatory
       information, in particular it should not be used for
       security-relevant decisions. That's because the executable might
       have been replaced or removed by the time the value can be
       processed. Moreover, the kernel exports this information in an
       ambiguous way (i.e. a deleted executable cannot be safely
       distinguished from one whose name suffix is " (deleted)").

       sd_bus_creds_get_cmdline() will retrieve an array of command line
       arguments (as stored in /proc/pid/cmdline). Note that kernel
       threads do not have a command line, in which case -ENXIO is
       returned.

       sd_bus_creds_get_cgroup() will retrieve the control group path.
       See Control Groups v2[1].

       sd_bus_creds_get_unit() will retrieve the systemd unit name (in
       the system instance of systemd) that the process is a part of.
       See systemd.unit(5). For processes that are not part of a unit,
       returns -ENXIO.

       sd_bus_creds_get_user_unit() will retrieve the systemd unit name
       (in the user instance of systemd) that the process is a part of.
       See systemd.unit(5). For processes that are not part of a user
       unit, returns -ENXIO.

       sd_bus_creds_get_slice() will retrieve the systemd slice (a unit
       in the system instance of systemd) that the process is a part of.
       See systemd.slice(5). Similarly, sd_bus_creds_get_user_slice()
       retrieves the systemd slice of the process, in the user instance
       of systemd.

       sd_bus_creds_get_session() will retrieve the identifier of the
       login session that the process is a part of. Please note the
       login session may be limited to a stub process or two. User
       processes may instead be started from their systemd user manager,
       e.g. GUI applications started using DBus activation, as well as
       service processes which are shared between multiple logins of the
       same user. For processes that are not part of a session, returns
       -ENXIO.

       sd_bus_creds_get_owner_uid() will retrieve the numeric UID (user
       identifier) of the user who owns the user unit or login session
       that the process is a part of. See systemd-logind.service(8). For
       processes that are not part of a user unit or session, returns
       -ENXIO.

       sd_bus_creds_has_effective_cap() will check whether the
       capability specified by capability was set in the effective
       capabilities mask. A positive return value means that it was set,
       zero means that it was not set, and a negative return value
       indicates an error. See capabilities(7) and the
       AmbientCapabilities= and CapabilityBoundingSet= settings in
       systemd.exec(5).

       sd_bus_creds_has_permitted_cap() is similar to
       sd_bus_creds_has_effective_cap(), but will check the permitted
       capabilities mask.

       sd_bus_creds_has_inheritable_cap() is similar to
       sd_bus_creds_has_effective_cap(), but will check the inheritable
       capabilities mask.

       sd_bus_creds_has_bounding_cap() is similar to
       sd_bus_creds_has_effective_cap(), but will check the bounding
       capabilities mask.

       sd_bus_creds_get_selinux_context() will retrieve the SELinux
       security context (label) of the process.

       sd_bus_creds_get_audit_session_id() will retrieve the audit
       session identifier of the process. Returns -ENXIO for processes
       that are not part of an audit session.

       sd_bus_creds_get_audit_login_uid() will retrieve the audit user
       login identifier (the identifier of the user who is "responsible"
       for the session). Returns -ENXIO for processes that are not part
       of an audit session.

       sd_bus_creds_get_tty() will retrieve the controlling TTY, without
       the prefixing "/dev/". Returns -ENXIO for processes that have no
       controlling TTY.

       sd_bus_creds_get_unique_name() will retrieve the D-Bus unique
       name. See The D-Bus specification[2].

       sd_bus_creds_get_well_known_names() will retrieve the set of
       D-Bus well-known names. See The D-Bus specification[2].

       sd_bus_creds_get_description() will retrieve a descriptive name
       of the bus connection of the peer. This name is useful to discern
       multiple bus connections by the same peer, and may be altered by
       the peer with the sd_bus_set_description(3) call.

       All functions that take a const char** parameter will store the
       answer there as an address of a NUL-terminated string. It will be
       valid as long as c remains valid, and should not be freed or
       modified by the caller.

       All functions that take a char*** parameter will store the answer
       there as an address of an array of strings. Each individual
       string is NUL-terminated, and the array is NULL-terminated as a
       whole. It will be valid as long as c remains valid, and should
       not be freed or modified by the caller.

RETURN VALUE         top

       On success, these calls return 0 or a positive integer. On
       failure, these calls return a negative errno-style error code.

   Errors
       Returned errors may indicate the following problems:

       -ENODATA
           The given field is not available in the credentials object c.

       -ENXIO
           The given field is not specified for the described process or
           peer. This will be returned by sd_bus_creds_get_unit(),
           sd_bus_creds_get_slice(), sd_bus_creds_get_user_unit(),
           sd_bus_creds_get_user_slice(), and sd_bus_creds_get_session()
           if the process is not part of a systemd system unit, systemd
           user unit, systemd slice, or logind session. It will be
           returned by sd_bus_creds_get_owner_uid() if the process is
           not part of a systemd user unit or logind session. It will
           also be returned by sd_bus_creds_get_exe() and
           sd_bus_creds_get_cmdline() for kernel threads (since these
           are not started from an executable binary, nor have a command
           line), and by sd_bus_creds_get_audit_session_id() and
           sd_bus_creds_get_audit_login_uid() when the process is not
           part of an audit session, and sd_bus_creds_get_tty() if the
           process has no controlling TTY.

       -EINVAL
           Specified pointer parameter is NULL.

       -ENOMEM
           Memory allocation failed.

NOTES         top

       Functions described here are available as a shared library, which
       can be compiled against and linked to with the
       libsystemd pkg-config(1) file.

       The code described here uses getenv(3), which is declared to be
       not multi-thread-safe. This means that the code calling the
       functions described here must not call setenv(3) from a parallel
       thread. It is recommended to only do calls to setenv() from an
       early phase of the program when no other threads have been
       started.

HISTORY         top

       sd_bus_creds_get_pid(), sd_bus_creds_get_tid(),
       sd_bus_creds_get_gid(), sd_bus_creds_get_comm(),
       sd_bus_creds_get_tid_comm(), sd_bus_creds_get_exe(),
       sd_bus_creds_get_cmdline(), sd_bus_creds_get_cgroup(),
       sd_bus_creds_get_unit(), sd_bus_creds_get_user_unit(),
       sd_bus_creds_get_slice(), sd_bus_creds_get_session(),
       sd_bus_creds_get_owner_uid(), sd_bus_creds_has_effective_cap(),
       sd_bus_creds_has_permitted_cap(),
       sd_bus_creds_has_inheritable_cap(),
       sd_bus_creds_has_bounding_cap(),
       sd_bus_creds_get_selinux_context(),
       sd_bus_creds_get_audit_session_id(),
       sd_bus_creds_get_audit_login_uid(),
       sd_bus_creds_get_unique_name(), and
       sd_bus_creds_get_well_known_names() were added in version 209.

       sd_bus_creds_get_ppid(), sd_bus_creds_get_uid(),
       sd_bus_creds_get_euid(), sd_bus_creds_get_suid(),
       sd_bus_creds_get_fsuid(), sd_bus_creds_get_egid(),
       sd_bus_creds_get_sgid(), sd_bus_creds_get_fsgid(),
       sd_bus_creds_get_supplementary_gids(), sd_bus_creds_get_tty(),
       and sd_bus_creds_get_description() were added in version 220.

       sd_bus_creds_get_user_slice() was added in version 223.

SEE ALSO         top

       systemd(1), sd-bus(3), sd_bus_creds_new_from_pid(2), fork(2),
       execve(2), credentials(7), free(3), proc(5),
       systemd.journal-fields(7)

NOTES         top

        1. Control Groups v2
           https://docs.kernel.org/admin-guide/cgroup-v2.html

        2. The D-Bus specification
           https://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus

COLOPHON         top

       This page is part of the systemd (systemd system and service
       manager) project.  Information about the project can be found at
       ⟨http://www.freedesktop.org/wiki/Software/systemd⟩.  If you have
       a bug report for this manual page, see
       ⟨http://www.freedesktop.org/wiki/Software/systemd/#bugreports⟩.
       This page was obtained from the project's upstream Git repository
       ⟨https://github.com/systemd/systemd.git⟩ on 2023-12-22.  (At that
       time, the date of the most recent commit that was found in the
       repository was 2023-12-22.)  If you discover any rendering
       problems in this HTML version of the page, or you believe there
       is a better or more up-to-date source for the page, or you have
       corrections or improvements to the information in this COLOPHON
       (which is not part of the original manual page), send a mail to
       man-pages@man7.org

systemd 255                                      SD_BUS_CREDS_GET_PID(3)

Pages that refer to this page: sd-bus(3)sd_bus_creds_new_from_pid(3)systemd.directives(7)systemd.index(7)