X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=man%2Fsd_bus_creds_new_from_pid.xml;h=1a507cf91cf15123d0a7a67c18bdf1a88161e045;hb=76cc80f42e53215b9039ca99dd35687c7518880a;hp=64b92e233094557f5ef97abf14e5d8c8749fdad2;hpb=7c071fda945a8f9e3b11d37dc04c8bdfa615d44a;p=elogind.git diff --git a/man/sd_bus_creds_new_from_pid.xml b/man/sd_bus_creds_new_from_pid.xml index 64b92e233..1a507cf91 100644 --- a/man/sd_bus_creds_new_from_pid.xml +++ b/man/sd_bus_creds_new_from_pid.xml @@ -1,31 +1,31 @@ - + - + sd_bus_creds_new_from_pid - systemd + elogind @@ -45,15 +45,17 @@ along with systemd; If not, see . sd_bus_creds_new_from_pid sd_bus_creds_get_mask + sd_bus_creds_get_augmented_mask sd_bus_creds_ref sd_bus_creds_unref + sd_bus_creds_unrefp Retrieve credentials object for the specified PID - #include <systemd/sd-bus.h> + #include <elogind/sd-bus.h> int sd_bus_creds_new_from_pid @@ -67,6 +69,11 @@ along with systemd; If not, see . const sd_bus_creds *c + + uint64_t sd_bus_creds_get_augmented_mask + const sd_bus_creds *c + + sd_bus_creds *sd_bus_creds_ref sd_bus_creds *c @@ -76,22 +83,31 @@ along with systemd; If not, see . sd_bus_creds *sd_bus_creds_unref sd_bus_creds *c + + + void sd_bus_creds_unrefp + sd_bus_creds **c + SD_BUS_CREDS_PID, - SD_BUS_CREDS_PID_STARTTIME, + SD_BUS_CREDS_PPID, SD_BUS_CREDS_TID, SD_BUS_CREDS_UID, + SD_BUS_CREDS_EUID, + SD_BUS_CREDS_SUID, + SD_BUS_CREDS_FSUID, SD_BUS_CREDS_GID, + SD_BUS_CREDS_EGID, + SD_BUS_CREDS_SGID, + SD_BUS_CREDS_FSGID, + SD_BUS_CREDS_SUPPLEMENTARY_GIDS, SD_BUS_CREDS_COMM, SD_BUS_CREDS_TID_COMM, SD_BUS_CREDS_EXE, SD_BUS_CREDS_CMDLINE, SD_BUS_CREDS_CGROUP, - SD_BUS_CREDS_UNIT, - SD_BUS_CREDS_USER_UNIT, - SD_BUS_CREDS_SLICE, SD_BUS_CREDS_SESSION, SD_BUS_CREDS_OWNER_UID, SD_BUS_CREDS_EFFECTIVE_CAPS, @@ -101,8 +117,11 @@ along with systemd; If not, see . SD_BUS_CREDS_SELINUX_CONTEXT, SD_BUS_CREDS_AUDIT_SESSION_ID, SD_BUS_CREDS_AUDIT_LOGIN_UID, + SD_BUS_CREDS_TTY, SD_BUS_CREDS_UNIQUE_NAME, SD_BUS_CREDS_WELL_KNOWN_NAMES, + SD_BUS_CREDS_DESCRIPTION, + SD_BUS_CREDS_AUGMENT, _SD_BUS_CREDS_ALL @@ -110,26 +129,35 @@ along with systemd; If not, see . Description - sd_bus_creds_new_from_pid() creates a new - credentials object and fills it with information about the process - pid. This pointer to this object will - be stored in ret pointer. + sd_bus_creds_new_from_pid() creates a + new credentials object and fills it with information about the + process pid. The pointer to this object + will be stored in the ret pointer. Note that + credential objects may also be created and retrieved via + sd_bus_get_name_creds3, + sd_bus_get_owner_creds3 + and + sd_bus_message_get_creds3. The information that will be stored is determined by creds_mask. It may contain a subset of ORed constants SD_BUS_CREDS_PID, - SD_BUS_CREDS_PID_STARTTIME, + SD_BUS_CREDS_PPID, SD_BUS_CREDS_TID, SD_BUS_CREDS_UID, + SD_BUS_CREDS_EUID, + SD_BUS_CREDS_SUID, + SD_BUS_CREDS_FSUID, SD_BUS_CREDS_GID, + SD_BUS_CREDS_EGID, + SD_BUS_CREDS_SGID, + SD_BUS_CREDS_FSGID, + SD_BUS_CREDS_SUPPLEMENTARY_GIDS, SD_BUS_CREDS_COMM, SD_BUS_CREDS_TID_COMM, SD_BUS_CREDS_EXE, SD_BUS_CREDS_CMDLINE, SD_BUS_CREDS_CGROUP, - SD_BUS_CREDS_UNIT, - SD_BUS_CREDS_USER_UNIT, - SD_BUS_CREDS_SLICE, SD_BUS_CREDS_SESSION, SD_BUS_CREDS_OWNER_UID, SD_BUS_CREDS_EFFECTIVE_CAPS, @@ -139,35 +167,87 @@ along with systemd; If not, see . SD_BUS_CREDS_SELINUX_CONTEXT, SD_BUS_CREDS_AUDIT_SESSION_ID, SD_BUS_CREDS_AUDIT_LOGIN_UID, + SD_BUS_CREDS_TTY, SD_BUS_CREDS_UNIQUE_NAME, - SD_BUS_CREDS_WELL_KNOWN_NAMES, - or _SD_BUS_CREDS_ALL to indicate - all known fields. + SD_BUS_CREDS_WELL_KNOWN_NAMES, and + SD_BUS_CREDS_DESCRIPTION. Use the special + value _SD_BUS_CREDS_ALL to request all + supported fields. The SD_BUS_CREDS_AUGMENT + constant may not be ORed into the mask for invocations of + sd_bus_creds_new_from_pid(). Fields can be retrieved from the credentials object using sd_bus_creds_get_pid3 and other functions which correspond directly to the constants listed above. - A mask of fields which were actually sucessfully set - (acquired from /proc, etc.) can be retrieved - with sd_bus_creds_get_mask(). If the - credentials object was created with + A mask of fields which were actually successfully retrieved + can be retrieved with + sd_bus_creds_get_mask(). If the credentials + object was created with sd_bus_creds_new_from_pid(), this will be a subset of fields requested in creds_mask. - sd_bus_creds_ref creates a new + Similar to sd_bus_creds_get_mask(), the + function sd_bus_creds_get_augmented_mask() + returns a bitmask of field constants. The mask indicates which + credential fields have been retrieved in a non-atomic fashion. For + credential objects created via + sd_bus_creds_new_from_pid(), this mask will be + identical to the mask returned by + sd_bus_creds_get_mask(). However, for + credential objects retrieved via + sd_bus_get_name_creds(), this mask will be set + for the credential fields that could not be determined atomically + at peer connection time, and which were later added by reading + augmenting credential data from + /proc. Similarly, for credential objects + retrieved via sd_bus_get_owner_creds(), the + mask is set for the fields that could not be determined atomically + at bus creation time, but have been augmented. Similarly, for + credential objects retrieved via + sd_bus_message_get_creds(), the mask is set + for the fields that could not be determined atomically at message + sending time, but have been augmented. The mask returned by + sd_bus_creds_get_augmented_mask() is always a + subset of (or identical to) the mask returned by + sd_bus_creds_get_mask() for the same + object. The latter call hence returns all credential fields + available in the credential object, the former then marks the + subset of those that have been augmented. Note that augmented + fields are unsuitable for authorization decisions, as they may be + retrieved at different times, thus being subject to races. Hence, + augmented fields should be used exclusively for informational + purposes. + + + sd_bus_creds_ref() creates a new reference to the credentials object c. This object will not be destroyed until - sd_bus_creds_unref has been called as many + sd_bus_creds_unref() has been called as many times plus once more. Once the reference count has dropped to zero, - c cannot be used anymore, so futher + c cannot be used anymore, so further calls to sd_bus_creds_ref(c) or sd_bus_creds_unref(c) are illegal. - sd_bus_creds_unref destroys a reference + sd_bus_creds_unref() destroys a reference to c. + + sd_bus_creds_unrefp() is similar to + sd_bus_creds_unref() but takes a pointer to a + pointer to an sd_bus_creds object. This call is useful in + conjunction with GCC's and LLVM's Clean-up + Variable Attribute. Note that this function is defined as + inline function. + + sd_bus_creds_ref(), + sd_bus_creds_unref() and + sd_bus_creds_unrefp() execute no operation if + the passed in bus credentials object is + NULL. + @@ -180,10 +260,15 @@ along with systemd; If not, see . sd_bus_creds_get_mask() returns the mask of successfully acquired fields. - sd_bus_creds_ref always returns the + sd_bus_creds_get_augmented_mask() + returns the mask of fields that have been augmented from data in + /proc, and are thus not suitable for + authorization decisions. + + sd_bus_creds_ref() always returns the argument. - sd_bus_creds_unref always returns + sd_bus_creds_unref() always returns NULL. @@ -205,14 +290,14 @@ along with systemd; If not, see . - -ESRCH + -ESRCH Specified pid could not be found. - -EINVAL + -EINVAL Specified parameter is invalid (NULL in case of output @@ -220,20 +305,27 @@ along with systemd; If not, see . - -ENOMEM + -ENOMEM Memory allocation failed. + + + -EOPNOTSUPP + + One of the requested fields is unknown to the local system. + Notes - sd_bus_creds_new_from_pid() is - available as a shared library, which can be compiled and linked to - with the - libsystemd pkg-config1 + sd_bus_creds_new_from_pid() and the + other calls described here are available as a shared library, + which can be compiled and linked to with the + libelogind pkg-config1 file. @@ -241,34 +333,12 @@ along with systemd; If not, see . See Also - systemd1, + elogind8, sd-bus3, - sd_bus_creds_ref3, - sd_bus_creds_unref3, sd_bus_creds_get_pid3, - sd_bus_creds_get_pid_starttime3, - sd_bus_creds_get_tid3, - sd_bus_creds_get_uid3, - sd_bus_creds_get_gid3, - sd_bus_creds_get_comm3, - sd_bus_creds_get_tid_comm3, - sd_bus_creds_get_exe3, - sd_bus_creds_get_cmdline3, - sd_bus_creds_get_cgroup3, - sd_bus_creds_get_unit3, - sd_bus_creds_get_user_unit3, - sd_bus_creds_get_slice3, - sd_bus_creds_get_session3, - sd_bus_creds_get_owner_uid3, - sd_bus_creds_has_effective_cap3, - sd_bus_creds_has_permitted_cap3, - sd_bus_creds_has_inheritable_cap3, - sd_bus_creds_has_bounding_cap3, - sd_bus_creds_get_selinux_context3, - sd_bus_creds_get_audit_session_id3, - sd_bus_creds_get_audit_login_uid3, - sd_bus_creds_get_unique_name3, - sd_bus_creds_get_well_known_names3 + sd_bus_get_name_creds3, + sd_bus_get_owner_creds3, + sd_bus_message_get_creds3