X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=man%2Fsd_bus_creds_new_from_pid.xml;fp=man%2Fsd_bus_creds_new_from_pid.xml;h=fe4911c4af06e7366ddb5cb8be724e34a0efeec6;hb=56c19a4f2a0091a3fe23712cbbc6c6e379572ffe;hp=0000000000000000000000000000000000000000;hpb=7873fa750d7d4310396e69df12b53e07e4e81249;p=elogind.git

diff --git a/man/sd_bus_creds_new_from_pid.xml b/man/sd_bus_creds_new_from_pid.xml
new file mode 100644
index 000000000..fe4911c4a
--- /dev/null
+++ b/man/sd_bus_creds_new_from_pid.xml
@@ -0,0 +1,353 @@
+<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
+"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+
+<!--
+  This file is part of systemd.
+
+  Copyright 2014 Zbigniew Jędrzejewski-Szmek
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+-->
+
+<refentry id="sd_bus_creds_new_from_pid">
+
+  <refentryinfo>
+    <title>sd_bus_creds_new_from_pid</title>
+    <productname>systemd</productname>
+
+    <authorgroup>
+      <author>
+        <contrib>A monkey with a typewriter</contrib>
+        <firstname>Zbigniew</firstname>
+        <surname>Jędrzejewski-Szmek</surname>
+        <email>zbyszek@in.waw.pl</email>
+      </author>
+    </authorgroup>
+  </refentryinfo>
+
+  <refmeta>
+    <refentrytitle>sd_bus_creds_new_from_pid</refentrytitle>
+    <manvolnum>3</manvolnum>
+  </refmeta>
+
+  <refnamediv>
+    <refname>sd_bus_creds_new_from_pid</refname>
+    <refname>sd_bus_creds_get_mask</refname>
+    <refname>sd_bus_creds_get_augmented_mask</refname>
+    <refname>sd_bus_creds_ref</refname>
+    <refname>sd_bus_creds_unref</refname>
+    <refname>sd_bus_creds_unrefp</refname>
+
+    <refpurpose>Retrieve credentials object for the specified PID</refpurpose>
+  </refnamediv>
+
+  <refsynopsisdiv>
+    <funcsynopsis>
+      <funcsynopsisinfo>#include &lt;systemd/sd-bus.h&gt;</funcsynopsisinfo>
+
+      <funcprototype>
+        <funcdef>int <function>sd_bus_creds_new_from_pid</function></funcdef>
+        <paramdef>pid_t <parameter>pid</parameter></paramdef>
+        <paramdef>uint64_t <parameter>creds_mask</parameter></paramdef>
+        <paramdef>sd_bus_creds **<parameter>ret</parameter></paramdef>
+      </funcprototype>
+
+      <funcprototype>
+        <funcdef>uint64_t <function>sd_bus_creds_get_mask</function></funcdef>
+        <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
+      </funcprototype>
+
+      <funcprototype>
+        <funcdef>uint64_t <function>sd_bus_creds_get_augmented_mask</function></funcdef>
+        <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
+      </funcprototype>
+
+      <funcprototype>
+        <funcdef>sd_bus_creds *<function>sd_bus_creds_ref</function></funcdef>
+        <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
+      </funcprototype>
+
+      <funcprototype>
+        <funcdef>sd_bus_creds *<function>sd_bus_creds_unref</function></funcdef>
+        <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
+      </funcprototype>
+
+      <funcprototype>
+        <funcdef>void <function>sd_bus_creds_unrefp</function></funcdef>
+        <paramdef>sd_bus_creds **<parameter>c</parameter></paramdef>
+      </funcprototype>
+    </funcsynopsis>
+
+    <para>
+      <constant>SD_BUS_CREDS_PID</constant>,
+      <constant>SD_BUS_CREDS_PPID</constant>,
+      <constant>SD_BUS_CREDS_TID</constant>,
+      <constant>SD_BUS_CREDS_UID</constant>,
+      <constant>SD_BUS_CREDS_EUID</constant>,
+      <constant>SD_BUS_CREDS_SUID</constant>,
+      <constant>SD_BUS_CREDS_FSUID</constant>,
+      <constant>SD_BUS_CREDS_GID</constant>,
+      <constant>SD_BUS_CREDS_EGID</constant>,
+      <constant>SD_BUS_CREDS_SGID</constant>,
+      <constant>SD_BUS_CREDS_FSGID</constant>,
+      <constant>SD_BUS_CREDS_SUPPLEMENTARY_GIDS</constant>,
+      <constant>SD_BUS_CREDS_COMM</constant>,
+      <constant>SD_BUS_CREDS_TID_COMM</constant>,
+      <constant>SD_BUS_CREDS_EXE</constant>,
+      <constant>SD_BUS_CREDS_CMDLINE</constant>,
+      <constant>SD_BUS_CREDS_CGROUP</constant>,
+      <constant>SD_BUS_CREDS_UNIT</constant>,
+      <constant>SD_BUS_CREDS_SLICE</constant>,
+      <constant>SD_BUS_CREDS_USER_UNIT</constant>,
+      <constant>SD_BUS_CREDS_USER_SLICE</constant>,
+      <constant>SD_BUS_CREDS_SESSION</constant>,
+      <constant>SD_BUS_CREDS_OWNER_UID</constant>,
+      <constant>SD_BUS_CREDS_EFFECTIVE_CAPS</constant>,
+      <constant>SD_BUS_CREDS_PERMITTED_CAPS</constant>,
+      <constant>SD_BUS_CREDS_INHERITABLE_CAPS</constant>,
+      <constant>SD_BUS_CREDS_BOUNDING_CAPS</constant>,
+      <constant>SD_BUS_CREDS_SELINUX_CONTEXT</constant>,
+      <constant>SD_BUS_CREDS_AUDIT_SESSION_ID</constant>,
+      <constant>SD_BUS_CREDS_AUDIT_LOGIN_UID</constant>,
+      <constant>SD_BUS_CREDS_TTY</constant>,
+      <constant>SD_BUS_CREDS_UNIQUE_NAME</constant>,
+      <constant>SD_BUS_CREDS_WELL_KNOWN_NAMES</constant>,
+      <constant>SD_BUS_CREDS_DESCRIPTION</constant>,
+      <constant>SD_BUS_CREDS_AUGMENT</constant>,
+      <constant>_SD_BUS_CREDS_ALL</constant>
+    </para>
+  </refsynopsisdiv>
+
+  <refsect1>
+    <title>Description</title>
+
+    <para><function>sd_bus_creds_new_from_pid()</function> creates a
+    new credentials object and fills it with information about the
+    process <parameter>pid</parameter>. The pointer to this object
+    will be stored in the <parameter>ret</parameter> pointer. Note that
+    credential objects may also be created and retrieved via
+    <citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+    <citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+    and
+    <citerefentry><refentrytitle>sd_bus_message_get_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>.</para>
+
+    <para>The information that will be stored is determined by
+    <parameter>creds_mask</parameter>. It may contain a subset of ORed
+    constants <constant>SD_BUS_CREDS_PID</constant>,
+    <constant>SD_BUS_CREDS_PPID</constant>,
+    <constant>SD_BUS_CREDS_TID</constant>,
+    <constant>SD_BUS_CREDS_UID</constant>,
+    <constant>SD_BUS_CREDS_EUID</constant>,
+    <constant>SD_BUS_CREDS_SUID</constant>,
+    <constant>SD_BUS_CREDS_FSUID</constant>,
+    <constant>SD_BUS_CREDS_GID</constant>,
+    <constant>SD_BUS_CREDS_EGID</constant>,
+    <constant>SD_BUS_CREDS_SGID</constant>,
+    <constant>SD_BUS_CREDS_FSGID</constant>,
+    <constant>SD_BUS_CREDS_SUPPLEMENTARY_GIDS</constant>,
+    <constant>SD_BUS_CREDS_COMM</constant>,
+    <constant>SD_BUS_CREDS_TID_COMM</constant>,
+    <constant>SD_BUS_CREDS_EXE</constant>,
+    <constant>SD_BUS_CREDS_CMDLINE</constant>,
+    <constant>SD_BUS_CREDS_CGROUP</constant>,
+    <constant>SD_BUS_CREDS_UNIT</constant>,
+    <constant>SD_BUS_CREDS_SLICE</constant>,
+    <constant>SD_BUS_CREDS_USER_UNIT</constant>,
+    <constant>SD_BUS_CREDS_USER_SLICE</constant>,
+    <constant>SD_BUS_CREDS_SESSION</constant>,
+    <constant>SD_BUS_CREDS_OWNER_UID</constant>,
+    <constant>SD_BUS_CREDS_EFFECTIVE_CAPS</constant>,
+    <constant>SD_BUS_CREDS_PERMITTED_CAPS</constant>,
+    <constant>SD_BUS_CREDS_INHERITABLE_CAPS</constant>,
+    <constant>SD_BUS_CREDS_BOUNDING_CAPS</constant>,
+    <constant>SD_BUS_CREDS_SELINUX_CONTEXT</constant>,
+    <constant>SD_BUS_CREDS_AUDIT_SESSION_ID</constant>,
+    <constant>SD_BUS_CREDS_AUDIT_LOGIN_UID</constant>,
+    <constant>SD_BUS_CREDS_TTY</constant>,
+    <constant>SD_BUS_CREDS_UNIQUE_NAME</constant>,
+    <constant>SD_BUS_CREDS_WELL_KNOWN_NAMES</constant>, and
+    <constant>SD_BUS_CREDS_DESCRIPTION</constant>. Use the special
+    value <constant>_SD_BUS_CREDS_ALL</constant> to request all
+    supported fields. The <constant>SD_BUS_CREDS_AUGMENT</constant>
+    constant may not be ORed into the mask for invocations of
+    <function>sd_bus_creds_new_from_pid()</function>.</para>
+
+    <para>Fields can be retrieved from the credentials object using
+    <citerefentry><refentrytitle>sd_bus_creds_get_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+    and other functions which correspond directly to the constants
+    listed above.</para>
+
+    <para>A mask of fields which were actually successfully retrieved
+    can be retrieved with
+    <function>sd_bus_creds_get_mask()</function>. If the credentials
+    object was created with
+    <function>sd_bus_creds_new_from_pid()</function>, this will be a
+    subset of fields requested in <parameter>creds_mask</parameter>.
+    </para>
+
+    <para>Similar to <function>sd_bus_creds_get_mask()</function>, the
+    function <function>sd_bus_creds_get_augmented_mask()</function>
+    returns a bitmask of field constants. The mask indicates which
+    credential fields have been retrieved in a non-atomic fashion. For
+    credential objects created via
+    <function>sd_bus_creds_new_from_pid()</function>, this mask will be
+    identical to the mask returned by
+    <function>sd_bus_creds_get_mask()</function>. However, for
+    credential objects retrieved via
+    <function>sd_bus_get_name_creds()</function>, this mask will be set
+    for the credential fields that could not be determined atomically
+    at peer connection time, and which were later added by reading
+    augmenting credential data from
+    <filename>/proc</filename>. Similarly, for credential objects
+    retrieved via <function>sd_bus_get_owner_creds()</function>, the
+    mask is set for the fields that could not be determined atomically
+    at bus creation time, but have been augmented. Similarly, for
+    credential objects retrieved via
+    <function>sd_bus_message_get_creds()</function>, the mask is set
+    for the fields that could not be determined atomically at message
+    sending time, but have been augmented. The mask returned by
+    <function>sd_bus_creds_get_augmented_mask()</function> is always a
+    subset of (or identical to) the mask returned by
+    <function>sd_bus_creds_get_mask()</function> for the same
+    object. The latter call hence returns all credential fields
+    available in the credential object, the former then marks the
+    subset of those that have been augmented. Note that augmented
+    fields are unsuitable for authorization decisions, as they may be
+    retrieved at different times, thus being subject to races. Hence,
+    augmented fields should be used exclusively for informational
+    purposes.
+    </para>
+
+    <para><function>sd_bus_creds_ref()</function> creates a new
+    reference to the credentials object <parameter>c</parameter>. This
+    object will not be destroyed until
+    <function>sd_bus_creds_unref()</function> has been called as many
+    times plus once more. Once the reference count has dropped to zero,
+    <parameter>c</parameter> cannot be used anymore, so further
+    calls to <function>sd_bus_creds_ref(c)</function> or
+    <function>sd_bus_creds_unref(c)</function> are illegal.</para>
+
+    <para><function>sd_bus_creds_unref()</function> destroys a reference
+    to <parameter>c</parameter>.</para>
+
+    <para><function>sd_bus_creds_unrefp()</function> is similar to
+    <function>sd_bus_creds_unref()</function> but takes a pointer to a
+    pointer to an <type>sd_bus_creds</type> object. This call is useful in
+    conjunction with GCC's and LLVM's <ulink
+    url="https://gcc.gnu.org/onlinedocs/gcc/Common-Variable-Attributes.html">Clean-up
+    Variable Attribute</ulink>. Note that this function is defined as
+    inline function.</para>
+
+    <para><function>sd_bus_creds_ref()</function>,
+    <function>sd_bus_creds_unref()</function> and
+    <function>sd_bus_creds_unrefp()</function> execute no operation if
+    the passed in bus credentials object is
+    <constant>NULL</constant>.</para>
+
+  </refsect1>
+
+  <refsect1>
+    <title>Return Value</title>
+
+    <para>On success, <function>sd_bus_creds_new_from_pid()</function>
+    returns 0 or a positive integer. On failure, it returns a negative
+    errno-style error code.</para>
+
+    <para><function>sd_bus_creds_get_mask()</function> returns the
+    mask of successfully acquired fields.</para>
+
+    <para><function>sd_bus_creds_get_augmented_mask()</function>
+    returns the mask of fields that have been augmented from data in
+    <filename>/proc</filename>, and are thus not suitable for
+    authorization decisions.</para>
+
+    <para><function>sd_bus_creds_ref()</function> always returns the
+    argument.</para>
+
+    <para><function>sd_bus_creds_unref()</function> always returns
+    <constant>NULL</constant>.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>Reference ownership</title>
+
+    <para>Function <function>sd_bus_creds_new_from_pid()</function>
+    creates a new object and the caller owns the sole reference. When
+    not needed anymore, this reference should be destroyed with
+    <citerefentry><refentrytitle>sd_bus_creds_unref</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
+    </para>
+  </refsect1>
+
+  <refsect1>
+    <title>Errors</title>
+
+    <para>Returned errors may indicate the following problems:</para>
+
+    <variablelist>
+
+      <varlistentry>
+        <term><constant>-ESRCH</constant></term>
+
+        <listitem><para>Specified <parameter>pid</parameter> could not
+        be found.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><constant>-EINVAL</constant></term>
+
+        <listitem><para>Specified parameter is invalid
+        (<constant>NULL</constant> in case of output
+        parameters).</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><constant>-ENOMEM</constant></term>
+
+        <listitem><para>Memory allocation failed.</para></listitem>
+      </varlistentry>
+
+      <varlistentry>
+        <term><constant>-EOPNOTSUPP</constant></term>
+
+        <listitem><para>One of the requested fields is unknown to the local system.</para></listitem>
+      </varlistentry>
+    </variablelist>
+  </refsect1>
+
+  <refsect1>
+    <title>Notes</title>
+
+    <para><function>sd_bus_creds_new_from_pid()</function> and the
+    other calls described here are available as a shared library,
+    which can be compiled and linked to with the
+    <constant>libelogind</constant> <citerefentry
+    project='die-net'><refentrytitle>pkg-config</refentrytitle><manvolnum>1</manvolnum></citerefentry>
+    file.</para>
+  </refsect1>
+
+  <refsect1>
+    <title>See Also</title>
+
+    <para>
+      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>sd_bus_creds_get_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
+      <citerefentry><refentrytitle>sd_bus_message_get_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
+    </para>
+  </refsect1>
+
+</refentry>