sd_bus_query_sender_creds(3) — Linux manual page



NAME         top

       sd_bus_query_sender_creds, sd_bus_query_sender_privilege - Query bus
       message sender credentials/privileges

SYNOPSIS         top

       #include <systemd/sd-bus.h>

       int sd_bus_query_sender_creds(sd_bus_message *m, uint64_t mask,
                                     sd_bus_creds **creds);

       sd_bus_error* sd_bus_query_sender_privilege(sd_bus_message *m,
                                                   int capability);

DESCRIPTION         top

       sd_bus_query_sender_creds() returns the credentials of the message m.
       The mask parameter is a combo of SD_BUS_CREDS_* flags that indicate
       which credential info the caller is interested in. See
       sd_bus_creds_new_from_pid(3) for a list of possible flags. First,
       this message checks if the requested credentials are attached to the
       message itself. If not but the message contains the pid of the
       sender, this function tries to figure out the missing credentials via
       other means (starting from the pid). If the pid isn't available but
       the message has a sender, this function calls
       sd_bus_get_name_creds(3) to get the requested credentials. If the
       message has no sender (when a direct connection is used), this
       function calls sd_bus_get_owner_creds(3) to get the requested
       credentials. On success, the requested credentials are stored in
       creds. Ownership of the credentials object in creds is transferred to
       the caller and should be freed by calling sd_bus_creds_unref(3).

       sd_bus_query_sender_privilege() checks if the message m has the
       requested privileges. If capability is a non-negative integer, this
       function checks if the message has the capability with the same
       value. See capabilities(7) for a list of capabilities. If capability
       is a negative integer, this function returns whether the sender of
       the message runs as the same user as the receiver of the message, or
       if the sender of the message runs as root and the receiver of the
       message does not run as root. On success and if the message has the
       requested privileges, this function returns a positive integer. If
       the message does not have the requested privileges, this function
       returns zero.

RETURN VALUE         top

       On success, these functions return a non-negative integer. On
       failure, they return a negative errno-style error code.

       Returned errors may indicate the following problems:

           The message m or an output parameter is NULL.

           The bus of m is not connected.

           The bus of m was created in a different process.

           The message m is not sealed.

NOTES         top

       These APIs are implemented as a shared library, which can be compiled
       and linked to with the libsystemd pkg-config(1) file.

SEE ALSO         top

       systemd(1), sd-bus(3), sd_bus_creds_new_from_pid(3),
       sd_bus_get_name_creds(3), sd_bus_get_owner_creds(3),
       sd_bus_creds_unref(3), capabilities(7)

COLOPHON         top

       This page is part of the systemd (systemd system and service manager)
       project.  Information about the project can be found at 
       ⟨⟩.  If you have a bug
       report for this manual page, see
       ⟨⟩.  This
       page was obtained from the project's upstream Git repository
       ⟨⟩ on 2020-11-01.  (At that
       time, the date of the most recent commit that was found in the repos‐
       itory was 2020-11-01.)  If you discover any rendering problems in
       this HTML version of the page, or you believe there is a better or
       more up-to-date source for the page, or you have corrections or im‐
       provements to the information in this COLOPHON (which is not part of
       the original manual page), send a mail to

systemd 247                                     SD_BUS_QUERY_SENDER_CREDS(3)

Pages that refer to this page: sd-bus(3)30-systemd-environment-d-generator(7)systemd.directives(7)systemd.index(7)