1 /*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
4 This file is part of systemd.
6 Copyright 2013 Lennart Poettering
8 systemd is free software; you can redistribute it and/or modify it
9 under the terms of the GNU Lesser General Public License as published by
10 the Free Software Foundation; either version 2.1 of the License, or
11 (at your option) any later version.
13 systemd is distributed in the hope that it will be useful, but
14 WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 Lesser General Public License for more details.
18 You should have received a copy of the GNU Lesser General Public License
19 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25 #include "cgroup-util.h"
28 #include "bus-message.h"
30 #include "time-util.h"
32 #include "bus-creds.h"
33 #include "bus-label.h"
36 CAP_OFFSET_INHERITABLE = 0,
37 CAP_OFFSET_PERMITTED = 1,
38 CAP_OFFSET_EFFECTIVE = 2,
39 CAP_OFFSET_BOUNDING = 3
42 void bus_creds_done(sd_bus_creds *c) {
45 /* For internal bus cred structures that are allocated by
52 free(c->unescaped_description);
54 strv_free(c->cmdline_array);
55 strv_free(c->well_known_names);
58 _public_ sd_bus_creds *sd_bus_creds_ref(sd_bus_creds *c) {
59 assert_return(c, NULL);
67 /* If this is an embedded creds structure, then
68 * forward ref counting to the message */
69 m = container_of(c, sd_bus_message, creds);
70 sd_bus_message_ref(m);
76 _public_ sd_bus_creds *sd_bus_creds_unref(sd_bus_creds *c) {
103 m = container_of(c, sd_bus_message, creds);
104 sd_bus_message_unref(m);
111 _public_ uint64_t sd_bus_creds_get_mask(const sd_bus_creds *c) {
117 sd_bus_creds* bus_creds_new(void) {
120 c = new0(sd_bus_creds, 1);
129 _public_ int sd_bus_creds_new_from_pid(sd_bus_creds **ret, pid_t pid, uint64_t mask) {
133 assert_return(pid >= 0, -EINVAL);
134 assert_return(mask <= _SD_BUS_CREDS_ALL, -ENOTSUP);
135 assert_return(ret, -EINVAL);
144 r = bus_creds_add_more(c, mask | SD_BUS_CREDS_AUGMENT, pid, 0);
146 sd_bus_creds_unref(c);
150 /* Check if the process existed at all, in case we haven't
151 * figured that out already */
152 if (!pid_is_alive(pid)) {
153 sd_bus_creds_unref(c);
161 _public_ int sd_bus_creds_get_uid(sd_bus_creds *c, uid_t *uid) {
162 assert_return(c, -EINVAL);
163 assert_return(uid, -EINVAL);
165 if (!(c->mask & SD_BUS_CREDS_UID))
172 _public_ int sd_bus_creds_get_euid(sd_bus_creds *c, uid_t *euid) {
173 assert_return(c, -EINVAL);
174 assert_return(euid, -EINVAL);
176 if (!(c->mask & SD_BUS_CREDS_EUID))
183 _public_ int sd_bus_creds_get_suid(sd_bus_creds *c, uid_t *suid) {
184 assert_return(c, -EINVAL);
185 assert_return(suid, -EINVAL);
187 if (!(c->mask & SD_BUS_CREDS_SUID))
195 _public_ int sd_bus_creds_get_fsuid(sd_bus_creds *c, uid_t *fsuid) {
196 assert_return(c, -EINVAL);
197 assert_return(fsuid, -EINVAL);
199 if (!(c->mask & SD_BUS_CREDS_FSUID))
206 _public_ int sd_bus_creds_get_gid(sd_bus_creds *c, gid_t *gid) {
207 assert_return(c, -EINVAL);
208 assert_return(gid, -EINVAL);
210 if (!(c->mask & SD_BUS_CREDS_UID))
218 _public_ int sd_bus_creds_get_egid(sd_bus_creds *c, gid_t *egid) {
219 assert_return(c, -EINVAL);
220 assert_return(egid, -EINVAL);
222 if (!(c->mask & SD_BUS_CREDS_EGID))
229 _public_ int sd_bus_creds_get_sgid(sd_bus_creds *c, gid_t *sgid) {
230 assert_return(c, -EINVAL);
231 assert_return(sgid, -EINVAL);
233 if (!(c->mask & SD_BUS_CREDS_SGID))
241 _public_ int sd_bus_creds_get_fsgid(sd_bus_creds *c, gid_t *fsgid) {
242 assert_return(c, -EINVAL);
243 assert_return(fsgid, -EINVAL);
245 if (!(c->mask & SD_BUS_CREDS_FSGID))
252 _public_ int sd_bus_creds_get_pid(sd_bus_creds *c, pid_t *pid) {
253 assert_return(c, -EINVAL);
254 assert_return(pid, -EINVAL);
256 if (!(c->mask & SD_BUS_CREDS_PID))
264 _public_ int sd_bus_creds_get_tid(sd_bus_creds *c, pid_t *tid) {
265 assert_return(c, -EINVAL);
266 assert_return(tid, -EINVAL);
268 if (!(c->mask & SD_BUS_CREDS_TID))
276 _public_ int sd_bus_creds_get_pid_starttime(sd_bus_creds *c, uint64_t *usec) {
277 assert_return(c, -EINVAL);
278 assert_return(usec, -EINVAL);
280 if (!(c->mask & SD_BUS_CREDS_PID_STARTTIME))
283 assert(c->pid_starttime > 0);
284 *usec = c->pid_starttime;
288 _public_ int sd_bus_creds_get_selinux_context(sd_bus_creds *c, const char **ret) {
289 assert_return(c, -EINVAL);
291 if (!(c->mask & SD_BUS_CREDS_SELINUX_CONTEXT))
299 _public_ int sd_bus_creds_get_comm(sd_bus_creds *c, const char **ret) {
300 assert_return(c, -EINVAL);
301 assert_return(ret, -EINVAL);
303 if (!(c->mask & SD_BUS_CREDS_COMM))
311 _public_ int sd_bus_creds_get_tid_comm(sd_bus_creds *c, const char **ret) {
312 assert_return(c, -EINVAL);
313 assert_return(ret, -EINVAL);
315 if (!(c->mask & SD_BUS_CREDS_TID_COMM))
323 _public_ int sd_bus_creds_get_exe(sd_bus_creds *c, const char **ret) {
324 assert_return(c, -EINVAL);
325 assert_return(ret, -EINVAL);
327 if (!(c->mask & SD_BUS_CREDS_EXE))
335 _public_ int sd_bus_creds_get_cgroup(sd_bus_creds *c, const char **ret) {
336 assert_return(c, -EINVAL);
337 assert_return(ret, -EINVAL);
339 if (!(c->mask & SD_BUS_CREDS_CGROUP))
347 _public_ int sd_bus_creds_get_unit(sd_bus_creds *c, const char **ret) {
350 assert_return(c, -EINVAL);
351 assert_return(ret, -EINVAL);
353 if (!(c->mask & SD_BUS_CREDS_UNIT))
361 r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted);
365 r = cg_path_get_unit(shifted, (char**) &c->unit);
374 _public_ int sd_bus_creds_get_user_unit(sd_bus_creds *c, const char **ret) {
377 assert_return(c, -EINVAL);
378 assert_return(ret, -EINVAL);
380 if (!(c->mask & SD_BUS_CREDS_USER_UNIT))
388 r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted);
392 r = cg_path_get_user_unit(shifted, (char**) &c->user_unit);
401 _public_ int sd_bus_creds_get_slice(sd_bus_creds *c, const char **ret) {
404 assert_return(c, -EINVAL);
405 assert_return(ret, -EINVAL);
407 if (!(c->mask & SD_BUS_CREDS_SLICE))
415 r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted);
419 r = cg_path_get_slice(shifted, (char**) &c->slice);
428 _public_ int sd_bus_creds_get_session(sd_bus_creds *c, const char **ret) {
431 assert_return(c, -EINVAL);
432 assert_return(ret, -EINVAL);
434 if (!(c->mask & SD_BUS_CREDS_SESSION))
442 r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted);
446 r = cg_path_get_session(shifted, (char**) &c->session);
455 _public_ int sd_bus_creds_get_owner_uid(sd_bus_creds *c, uid_t *uid) {
459 assert_return(c, -EINVAL);
460 assert_return(uid, -EINVAL);
462 if (!(c->mask & SD_BUS_CREDS_OWNER_UID))
467 r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted);
471 return cg_path_get_owner_uid(shifted, uid);
474 _public_ int sd_bus_creds_get_cmdline(sd_bus_creds *c, char ***cmdline) {
475 assert_return(c, -EINVAL);
477 if (!(c->mask & SD_BUS_CREDS_CMDLINE))
480 assert_return(c->cmdline, -ESRCH);
483 if (!c->cmdline_array) {
484 c->cmdline_array = strv_parse_nulstr(c->cmdline, c->cmdline_size);
485 if (!c->cmdline_array)
489 *cmdline = c->cmdline_array;
493 _public_ int sd_bus_creds_get_audit_session_id(sd_bus_creds *c, uint32_t *sessionid) {
494 assert_return(c, -EINVAL);
495 assert_return(sessionid, -EINVAL);
497 if (!(c->mask & SD_BUS_CREDS_AUDIT_SESSION_ID))
500 *sessionid = c->audit_session_id;
504 _public_ int sd_bus_creds_get_audit_login_uid(sd_bus_creds *c, uid_t *uid) {
505 assert_return(c, -EINVAL);
506 assert_return(uid, -EINVAL);
508 if (!(c->mask & SD_BUS_CREDS_AUDIT_LOGIN_UID))
511 *uid = c->audit_login_uid;
515 _public_ int sd_bus_creds_get_unique_name(sd_bus_creds *c, const char **unique_name) {
516 assert_return(c, -EINVAL);
517 assert_return(unique_name, -EINVAL);
519 if (!(c->mask & SD_BUS_CREDS_UNIQUE_NAME))
522 *unique_name = c->unique_name;
526 _public_ int sd_bus_creds_get_well_known_names(sd_bus_creds *c, char ***well_known_names) {
527 assert_return(c, -EINVAL);
528 assert_return(well_known_names, -EINVAL);
530 if (!(c->mask & SD_BUS_CREDS_WELL_KNOWN_NAMES))
533 *well_known_names = c->well_known_names;
537 _public_ int sd_bus_creds_get_description(sd_bus_creds *c, const char **ret) {
538 assert_return(c, -EINVAL);
539 assert_return(ret, -EINVAL);
541 if (!(c->mask & SD_BUS_CREDS_DESCRIPTION))
544 assert(c->description);
546 if (!c->unescaped_description) {
547 c->unescaped_description = bus_label_unescape(c->description);
548 if (!c->unescaped_description)
552 *ret = c->unescaped_description;
556 static int has_cap(sd_bus_creds *c, unsigned offset, int capability) {
560 assert(c->capability);
562 sz = c->capability_size / 4;
563 if ((size_t) capability >= sz*8)
566 return !!(c->capability[offset * sz + (capability / 8)] & (1 << (capability % 8)));
569 _public_ int sd_bus_creds_has_effective_cap(sd_bus_creds *c, int capability) {
570 assert_return(c, -EINVAL);
571 assert_return(capability >= 0, -EINVAL);
573 if (!(c->mask & SD_BUS_CREDS_EFFECTIVE_CAPS))
576 return has_cap(c, CAP_OFFSET_EFFECTIVE, capability);
579 _public_ int sd_bus_creds_has_permitted_cap(sd_bus_creds *c, int capability) {
580 assert_return(c, -EINVAL);
581 assert_return(capability >= 0, -EINVAL);
583 if (!(c->mask & SD_BUS_CREDS_PERMITTED_CAPS))
586 return has_cap(c, CAP_OFFSET_PERMITTED, capability);
589 _public_ int sd_bus_creds_has_inheritable_cap(sd_bus_creds *c, int capability) {
590 assert_return(c, -EINVAL);
591 assert_return(capability >= 0, -EINVAL);
593 if (!(c->mask & SD_BUS_CREDS_INHERITABLE_CAPS))
596 return has_cap(c, CAP_OFFSET_INHERITABLE, capability);
599 _public_ int sd_bus_creds_has_bounding_cap(sd_bus_creds *c, int capability) {
600 assert_return(c, -EINVAL);
601 assert_return(capability >= 0, -EINVAL);
603 if (!(c->mask & SD_BUS_CREDS_BOUNDING_CAPS))
606 return has_cap(c, CAP_OFFSET_BOUNDING, capability);
609 static int parse_caps(sd_bus_creds *c, unsigned offset, const char *p) {
616 p += strspn(p, WHITESPACE);
623 if (!c->capability) {
624 c->capability = new0(uint8_t, sz * 4);
628 c->capability_size = sz * 4;
631 for (i = 0; i < sz; i ++) {
634 x = unhexchar(p[i*2]);
635 y = unhexchar(p[i*2+1]);
640 c->capability[offset * sz + (sz - i - 1)] = (uint8_t) x << 4 | (uint8_t) y;
646 int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) {
651 assert(c->allocated);
653 if (!(mask & SD_BUS_CREDS_AUGMENT))
656 missing = mask & ~c->mask;
660 /* Try to retrieve PID from creds if it wasn't passed to us */
661 if (pid <= 0 && (c->mask & SD_BUS_CREDS_PID))
664 if (tid <= 0 && (c->mask & SD_BUS_CREDS_TID))
667 /* Without pid we cannot do much... */
673 c->mask |= SD_BUS_CREDS_PID;
678 c->mask |= SD_BUS_CREDS_TID;
681 if (missing & (SD_BUS_CREDS_UID | SD_BUS_CREDS_EUID | SD_BUS_CREDS_SUID | SD_BUS_CREDS_FSUID |
682 SD_BUS_CREDS_GID | SD_BUS_CREDS_EGID | SD_BUS_CREDS_SGID | SD_BUS_CREDS_FSGID |
683 SD_BUS_CREDS_EFFECTIVE_CAPS | SD_BUS_CREDS_INHERITABLE_CAPS |
684 SD_BUS_CREDS_PERMITTED_CAPS | SD_BUS_CREDS_BOUNDING_CAPS)) {
686 _cleanup_fclose_ FILE *f = NULL;
689 p = procfs_file_alloca(pid, "status");
695 else if (errno != EPERM && errno != EACCES)
700 FOREACH_LINE(line, f, return -errno) {
703 if (missing & (SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID)) {
704 p = startswith(line, "Uid:");
706 unsigned long uid, euid, suid, fsuid;
708 p += strspn(p, WHITESPACE);
709 if (sscanf(p, "%lu %lu %lu %lu", &uid, &euid, &suid, &fsuid) != 4)
712 c->uid = (uid_t) uid;
713 c->euid = (uid_t) euid;
714 c->suid = (uid_t) suid;
715 c->fsuid = (uid_t) fsuid;
716 c->mask |= missing & (SD_BUS_CREDS_UID|SD_BUS_CREDS_EUID|SD_BUS_CREDS_SUID|SD_BUS_CREDS_FSUID);
721 if (missing & (SD_BUS_CREDS_GID|SD_BUS_CREDS_EGID|SD_BUS_CREDS_SGID|SD_BUS_CREDS_FSGID)) {
722 p = startswith(line, "Gid:");
724 unsigned long gid, egid, sgid, fsgid;
726 p += strspn(p, WHITESPACE);
727 if (sscanf(p, "%lu %lu %lu %lu", &gid, &egid, &sgid, &fsgid) != 4)
730 c->gid = (gid_t) gid;
731 c->egid = (gid_t) egid;
732 c->sgid = (gid_t) sgid;
733 c->fsgid = (gid_t) fsgid;
734 c->mask |= missing & (SD_BUS_CREDS_GID|SD_BUS_CREDS_EGID|SD_BUS_CREDS_SGID|SD_BUS_CREDS_FSGID);
739 if (missing & SD_BUS_CREDS_EFFECTIVE_CAPS) {
740 p = startswith(line, "CapEff:");
742 r = parse_caps(c, CAP_OFFSET_EFFECTIVE, p);
746 c->mask |= SD_BUS_CREDS_EFFECTIVE_CAPS;
751 if (missing & SD_BUS_CREDS_PERMITTED_CAPS) {
752 p = startswith(line, "CapPrm:");
754 r = parse_caps(c, CAP_OFFSET_PERMITTED, p);
758 c->mask |= SD_BUS_CREDS_PERMITTED_CAPS;
763 if (missing & SD_BUS_CREDS_INHERITABLE_CAPS) {
764 p = startswith(line, "CapInh:");
766 r = parse_caps(c, CAP_OFFSET_INHERITABLE, p);
770 c->mask |= SD_BUS_CREDS_INHERITABLE_CAPS;
775 if (missing & SD_BUS_CREDS_BOUNDING_CAPS) {
776 p = startswith(line, "CapBnd:");
778 r = parse_caps(c, CAP_OFFSET_BOUNDING, p);
782 c->mask |= SD_BUS_CREDS_BOUNDING_CAPS;
790 if (missing & (SD_BUS_CREDS_PID_STARTTIME)) {
791 unsigned long long st;
793 r = get_starttime_of_pid(pid, &st);
795 if (r != -EPERM && r != -EACCES)
798 c->pid_starttime = ((usec_t) st * USEC_PER_SEC) / (usec_t) sysconf(_SC_CLK_TCK);
799 c->mask |= SD_BUS_CREDS_PID_STARTTIME;
803 if (missing & SD_BUS_CREDS_SELINUX_CONTEXT) {
806 p = procfs_file_alloca(pid, "attr/current");
807 r = read_one_line_file(p, &c->label);
809 if (r != -ENOENT && r != -EINVAL && r != -EPERM && r != -EACCES)
812 c->mask |= SD_BUS_CREDS_SELINUX_CONTEXT;
815 if (missing & SD_BUS_CREDS_COMM) {
816 r = get_process_comm(pid, &c->comm);
818 if (r != -EPERM && r != -EACCES)
821 c->mask |= SD_BUS_CREDS_COMM;
824 if (missing & SD_BUS_CREDS_EXE) {
825 r = get_process_exe(pid, &c->exe);
827 if (r != -EPERM && r != -EACCES)
830 c->mask |= SD_BUS_CREDS_EXE;
833 if (missing & SD_BUS_CREDS_CMDLINE) {
836 p = procfs_file_alloca(pid, "cmdline");
837 r = read_full_file(p, &c->cmdline, &c->cmdline_size);
841 if (r != -EPERM && r != -EACCES)
844 if (c->cmdline_size == 0) {
848 c->mask |= SD_BUS_CREDS_CMDLINE;
852 if (tid > 0 && (missing & SD_BUS_CREDS_TID_COMM)) {
853 _cleanup_free_ char *p = NULL;
855 if (asprintf(&p, "/proc/"PID_FMT"/task/"PID_FMT"/comm", pid, tid) < 0)
858 r = read_one_line_file(p, &c->tid_comm);
862 if (r != -EPERM && r != -EACCES)
865 c->mask |= SD_BUS_CREDS_TID_COMM;
868 if (missing & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID)) {
870 r = cg_pid_get_path(NULL, pid, &c->cgroup);
872 if (r != -EPERM && r != -EACCES)
875 r = cg_get_root_path(&c->cgroup_root);
879 c->mask |= missing & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID);
883 if (missing & SD_BUS_CREDS_AUDIT_SESSION_ID) {
884 r = audit_session_from_pid(pid, &c->audit_session_id);
886 if (r != -ENOTSUP && r != -ENXIO && r != -ENOENT && r != -EPERM && r != -EACCES)
889 c->mask |= SD_BUS_CREDS_AUDIT_SESSION_ID;
892 if (missing & SD_BUS_CREDS_AUDIT_LOGIN_UID) {
893 r = audit_loginuid_from_pid(pid, &c->audit_login_uid);
895 if (r != -ENOTSUP && r != -ENXIO && r != -ENOENT && r != -EPERM && r != -EACCES)
898 c->mask |= SD_BUS_CREDS_AUDIT_LOGIN_UID;
904 int bus_creds_extend_by_pid(sd_bus_creds *c, uint64_t mask, sd_bus_creds **ret) {
905 _cleanup_bus_creds_unref_ sd_bus_creds *n = NULL;
911 if ((mask & ~c->mask) == 0 || (!(mask & SD_BUS_CREDS_AUGMENT))) {
912 /* There's already all data we need, or augmentation
913 * wasn't turned on. */
915 *ret = sd_bus_creds_ref(c);
923 /* Copy the original data over */
925 if (c->mask & mask & SD_BUS_CREDS_UID) {
927 n->mask |= SD_BUS_CREDS_UID;
930 if (c->mask & mask & SD_BUS_CREDS_EUID) {
932 n->mask |= SD_BUS_CREDS_EUID;
935 if (c->mask & mask & SD_BUS_CREDS_SUID) {
937 n->mask |= SD_BUS_CREDS_SUID;
940 if (c->mask & mask & SD_BUS_CREDS_FSUID) {
942 n->mask |= SD_BUS_CREDS_FSUID;
945 if (c->mask & mask & SD_BUS_CREDS_GID) {
947 n->mask |= SD_BUS_CREDS_GID;
950 if (c->mask & mask & SD_BUS_CREDS_EGID) {
952 n->mask |= SD_BUS_CREDS_EGID;
955 if (c->mask & mask & SD_BUS_CREDS_SGID) {
957 n->mask |= SD_BUS_CREDS_SGID;
960 if (c->mask & mask & SD_BUS_CREDS_FSGID) {
962 n->mask |= SD_BUS_CREDS_FSGID;
965 if (c->mask & mask & SD_BUS_CREDS_PID) {
967 n->mask |= SD_BUS_CREDS_PID;
970 if (c->mask & mask & SD_BUS_CREDS_TID) {
972 n->mask |= SD_BUS_CREDS_TID;
975 if (c->mask & mask & SD_BUS_CREDS_PID_STARTTIME) {
976 n->pid_starttime = c->pid_starttime;
977 n->mask |= SD_BUS_CREDS_PID_STARTTIME;
980 if (c->mask & mask & SD_BUS_CREDS_COMM) {
981 n->comm = strdup(c->comm);
985 n->mask |= SD_BUS_CREDS_COMM;
988 if (c->mask & mask & SD_BUS_CREDS_TID_COMM) {
989 n->tid_comm = strdup(c->tid_comm);
993 n->mask |= SD_BUS_CREDS_TID_COMM;
996 if (c->mask & mask & SD_BUS_CREDS_EXE) {
997 n->exe = strdup(c->exe);
1001 n->mask |= SD_BUS_CREDS_EXE;
1004 if (c->mask & mask & SD_BUS_CREDS_CMDLINE) {
1005 n->cmdline = memdup(c->cmdline, c->cmdline_size);
1009 n->cmdline_size = c->cmdline_size;
1010 n->mask |= SD_BUS_CREDS_CMDLINE;
1013 if (c->mask & mask & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_OWNER_UID)) {
1014 n->cgroup = strdup(c->cgroup);
1018 n->cgroup_root = strdup(c->cgroup_root);
1019 if (!n->cgroup_root)
1022 n->mask |= mask & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_OWNER_UID);
1025 if (c->mask & mask & (SD_BUS_CREDS_EFFECTIVE_CAPS|SD_BUS_CREDS_PERMITTED_CAPS|SD_BUS_CREDS_INHERITABLE_CAPS|SD_BUS_CREDS_BOUNDING_CAPS)) {
1026 n->capability = memdup(c->capability, c->capability_size);
1030 n->capability_size = c->capability_size;
1031 n->mask |= c->mask & mask & (SD_BUS_CREDS_EFFECTIVE_CAPS|SD_BUS_CREDS_PERMITTED_CAPS|SD_BUS_CREDS_INHERITABLE_CAPS|SD_BUS_CREDS_BOUNDING_CAPS);
1034 if (c->mask & mask & SD_BUS_CREDS_AUDIT_SESSION_ID) {
1035 n->audit_session_id = c->audit_session_id;
1036 n->mask |= SD_BUS_CREDS_AUDIT_SESSION_ID;
1039 if (c->mask & mask & SD_BUS_CREDS_AUDIT_LOGIN_UID) {
1040 n->audit_login_uid = c->audit_login_uid;
1041 n->mask |= SD_BUS_CREDS_AUDIT_LOGIN_UID;
1044 if (c->mask & mask & SD_BUS_CREDS_UNIQUE_NAME) {
1045 n->unique_name = strdup(c->unique_name);
1046 if (!n->unique_name)
1050 if (c->mask & mask & SD_BUS_CREDS_WELL_KNOWN_NAMES) {
1051 n->well_known_names = strv_copy(c->well_known_names);
1052 if (!n->well_known_names)
1058 r = bus_creds_add_more(n, mask,
1059 c->mask & SD_BUS_CREDS_PID ? c->pid : 0,
1060 c->mask & SD_BUS_CREDS_TID ? c->tid : 0);