1 <?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
2 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
6 SPDX-License-Identifier: LGPL-2.1+
9 <refentry id="sd_bus_creds_get_pid" xmlns:xi="http://www.w3.org/2001/XInclude">
12 <title>sd_bus_creds_get_pid</title>
13 <productname>systemd</productname>
17 <contrib>A monkey with a typewriter</contrib>
18 <firstname>Zbigniew</firstname>
19 <surname>Jędrzejewski-Szmek</surname>
20 <email>zbyszek@in.waw.pl</email>
26 <refentrytitle>sd_bus_creds_get_pid</refentrytitle>
27 <manvolnum>3</manvolnum>
31 <refname>sd_bus_creds_get_pid</refname>
32 <refname>sd_bus_creds_get_ppid</refname>
33 <refname>sd_bus_creds_get_tid</refname>
34 <refname>sd_bus_creds_get_uid</refname>
35 <refname>sd_bus_creds_get_euid</refname>
36 <refname>sd_bus_creds_get_suid</refname>
37 <refname>sd_bus_creds_get_fsuid</refname>
38 <refname>sd_bus_creds_get_gid</refname>
39 <refname>sd_bus_creds_get_egid</refname>
40 <refname>sd_bus_creds_get_sgid</refname>
41 <refname>sd_bus_creds_get_fsgid</refname>
42 <refname>sd_bus_creds_get_supplementary_gids</refname>
43 <refname>sd_bus_creds_get_comm</refname>
44 <refname>sd_bus_creds_get_tid_comm</refname>
45 <refname>sd_bus_creds_get_exe</refname>
46 <refname>sd_bus_creds_get_cmdline</refname>
47 <refname>sd_bus_creds_get_cgroup</refname>
48 <refname>sd_bus_creds_get_unit</refname>
49 <refname>sd_bus_creds_get_slice</refname>
50 <refname>sd_bus_creds_get_user_unit</refname>
51 <refname>sd_bus_creds_get_user_slice</refname>
52 <refname>sd_bus_creds_get_session</refname>
53 <refname>sd_bus_creds_get_owner_uid</refname>
54 <refname>sd_bus_creds_has_effective_cap</refname>
55 <refname>sd_bus_creds_has_permitted_cap</refname>
56 <refname>sd_bus_creds_has_inheritable_cap</refname>
57 <refname>sd_bus_creds_has_bounding_cap</refname>
58 <refname>sd_bus_creds_get_selinux_context</refname>
59 <refname>sd_bus_creds_get_audit_session_id</refname>
60 <refname>sd_bus_creds_get_audit_login_uid</refname>
61 <refname>sd_bus_creds_get_tty</refname>
62 <refname>sd_bus_creds_get_unique_name</refname>
63 <refname>sd_bus_creds_get_well_known_names</refname>
64 <refname>sd_bus_creds_get_description</refname>
66 <refpurpose>Retrieve fields from a credentials object</refpurpose>
71 <funcsynopsisinfo>#include <systemd/sd-bus.h></funcsynopsisinfo>
74 <funcdef>int <function>sd_bus_creds_get_pid</function></funcdef>
75 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
76 <paramdef>pid_t *<parameter>pid</parameter></paramdef>
80 <funcdef>int <function>sd_bus_creds_get_ppid</function></funcdef>
81 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
82 <paramdef>pid_t *<parameter>ppid</parameter></paramdef>
86 <funcdef>int <function>sd_bus_creds_get_tid</function></funcdef>
87 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
88 <paramdef>pid_t *<parameter>tid</parameter></paramdef>
92 <funcdef>int <function>sd_bus_creds_get_uid</function></funcdef>
93 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
94 <paramdef>uid_t *<parameter>uid</parameter></paramdef>
98 <funcdef>int <function>sd_bus_creds_get_euid</function></funcdef>
99 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
100 <paramdef>uid_t *<parameter>uid</parameter></paramdef>
104 <funcdef>int <function>sd_bus_creds_get_suid</function></funcdef>
105 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
106 <paramdef>uid_t *<parameter>uid</parameter></paramdef>
110 <funcdef>int <function>sd_bus_creds_get_fsuid</function></funcdef>
111 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
112 <paramdef>uid_t *<parameter>uid</parameter></paramdef>
116 <funcdef>int <function>sd_bus_creds_get_gid</function></funcdef>
117 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
118 <paramdef>gid_t *<parameter>gid</parameter></paramdef>
122 <funcdef>int <function>sd_bus_creds_get_egid</function></funcdef>
123 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
124 <paramdef>gid_t *<parameter>gid</parameter></paramdef>
128 <funcdef>int <function>sd_bus_creds_get_sgid</function></funcdef>
129 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
130 <paramdef>gid_t *<parameter>gid</parameter></paramdef>
134 <funcdef>int <function>sd_bus_creds_get_fsgid</function></funcdef>
135 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
136 <paramdef>gid_t *<parameter>gid</parameter></paramdef>
140 <funcdef>int <function>sd_bus_creds_get_supplementary_gids</function></funcdef>
141 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
142 <paramdef>const gid_t **<parameter>gids</parameter></paramdef>
146 <funcdef>int <function>sd_bus_creds_get_comm</function></funcdef>
147 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
148 <paramdef>const char **<parameter>comm</parameter></paramdef>
152 <funcdef>int <function>sd_bus_creds_get_tid_comm</function></funcdef>
153 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
154 <paramdef>const char **<parameter>comm</parameter></paramdef>
158 <funcdef>int <function>sd_bus_creds_get_exe</function></funcdef>
159 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
160 <paramdef>const char **<parameter>exe</parameter></paramdef>
164 <funcdef>int <function>sd_bus_creds_get_cmdline</function></funcdef>
165 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
166 <paramdef>char ***<parameter>cmdline</parameter></paramdef>
170 <funcdef>int <function>sd_bus_creds_get_cgroup</function></funcdef>
171 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
172 <paramdef>const char **<parameter>cgroup</parameter></paramdef>
176 <funcdef>int <function>sd_bus_creds_get_unit</function></funcdef>
177 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
178 <paramdef>const char **<parameter>unit</parameter></paramdef>
182 <funcdef>int <function>sd_bus_creds_get_slice</function></funcdef>
183 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
184 <paramdef>const char **<parameter>slice</parameter></paramdef>
188 <funcdef>int <function>sd_bus_creds_get_user_unit</function></funcdef>
189 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
190 <paramdef>const char **<parameter>unit</parameter></paramdef>
194 <funcdef>int <function>sd_bus_creds_get_user_slice</function></funcdef>
195 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
196 <paramdef>const char **<parameter>slice</parameter></paramdef>
200 <funcdef>int <function>sd_bus_creds_get_session</function></funcdef>
201 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
202 <paramdef>const char **<parameter>slice</parameter></paramdef>
206 <funcdef>int <function>sd_bus_creds_get_owner_uid</function></funcdef>
207 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
208 <paramdef>uid_t *<parameter>uid</parameter></paramdef>
212 <funcdef>int <function>sd_bus_creds_has_effective_cap</function></funcdef>
213 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
214 <paramdef>int <parameter>capability</parameter></paramdef>
218 <funcdef>int <function>sd_bus_creds_has_permitted_cap</function></funcdef>
219 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
220 <paramdef>int <parameter>capability</parameter></paramdef>
224 <funcdef>int <function>sd_bus_creds_has_inheritable_cap</function></funcdef>
225 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
226 <paramdef>int <parameter>capability</parameter></paramdef>
230 <funcdef>int <function>sd_bus_creds_has_bounding_cap</function></funcdef>
231 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
232 <paramdef>int <parameter>capability</parameter></paramdef>
236 <funcdef>int <function>sd_bus_creds_get_selinux_context</function></funcdef>
237 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
238 <paramdef>const char **<parameter>context</parameter></paramdef>
242 <funcdef>int <function>sd_bus_creds_get_audit_session_id</function></funcdef>
243 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
244 <paramdef>uint32_t *<parameter>sessionid</parameter></paramdef>
248 <funcdef>int <function>sd_bus_creds_get_audit_login_uid</function></funcdef>
249 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
250 <paramdef>uid_t *<parameter>loginuid</parameter></paramdef>
254 <funcdef>int <function>sd_bus_creds_get_tty</function></funcdef>
255 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
256 <paramdef>const char **<parameter>tty</parameter></paramdef>
260 <funcdef>int <function>sd_bus_creds_get_unique_name</function></funcdef>
261 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
262 <paramdef>const char **<parameter>name</parameter></paramdef>
266 <funcdef>int <function>sd_bus_creds_get_well_known_names</function></funcdef>
267 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
268 <paramdef>char ***<parameter>name</parameter></paramdef>
272 <funcdef>int <function>sd_bus_creds_get_description</function></funcdef>
273 <paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
274 <paramdef>const char **<parameter>name</parameter></paramdef>
281 <title>Description</title>
283 <para>These functions return credential information from an
284 <parameter>sd_bus_creds</parameter> object. Credential objects may
286 <citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
287 in which case they describe the credentials of the process
288 identified by the specified PID, with
289 <citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
290 in which case they describe the credentials of a bus peer
291 identified by the specified bus name, with
292 <citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
293 in which case they describe the credentials of the creator of a
295 <citerefentry><refentrytitle>sd_bus_message_get_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
296 in which case they describe the credentials of the sender of the
299 <para>Not all credential fields are part of every
300 <literal>sd_bus_creds</literal> object. Use
301 <citerefentry><refentrytitle>sd_bus_creds_get_mask</refentrytitle><manvolnum>3</manvolnum></citerefentry>
302 to determine the mask of fields available.</para>
304 <para><function>sd_bus_creds_get_pid()</function> will retrieve
305 the PID (process identifier). Similarly,
306 <function>sd_bus_creds_get_ppid()</function> will retrieve the
307 parent PID. Note that PID 1 has no parent process, in which case
308 -ENXIO is returned.</para>
310 <para><function>sd_bus_creds_get_tid()</function> will retrieve the
311 TID (thread identifier).</para>
313 <para><function>sd_bus_creds_get_uid()</function> will retrieve
314 the numeric UID (user identifier). Similarly,
315 <function>sd_bus_creds_get_euid()</function> returns the effective
316 UID, <function>sd_bus_creds_get_suid()</function> the saved UID
317 and <function>sd_bus_creds_get_fsuid()</function> the file system
320 <para><function>sd_bus_creds_get_gid()</function> will retrieve the
321 numeric GID (group identifier). Similarly,
322 <function>sd_bus_creds_get_egid()</function> returns the effective
323 GID, <function>sd_bus_creds_get_sgid()</function> the saved GID
324 and <function>sd_bus_creds_get_fsgid()</function> the file system
327 <para><function>sd_bus_creds_get_supplementary_gids()</function>
328 will retrieve the supplementary GIDs list.</para>
330 <para><function>sd_bus_creds_get_comm()</function> will retrieve the
331 comm field (truncated name of the executable, as stored in
332 <filename>/proc/<replaceable>pid</replaceable>/comm</filename>).
335 <para><function>sd_bus_creds_get_tid_comm()</function> will retrieve
336 the comm field of the thread (as stored in
337 <filename>/proc/<replaceable>pid</replaceable>/task/<replaceable>tid</replaceable>/comm</filename>).
340 <para><function>sd_bus_creds_get_exe()</function> will retrieve
341 the path to the program executable (as stored in the
342 <filename>/proc/<replaceable>pid</replaceable>/exe</filename>
343 link, but with the <literal> (deleted)</literal> suffix removed). Note
344 that kernel threads do not have an executable path, in which case
345 -ENXIO is returned.</para>
347 <para><function>sd_bus_creds_get_cmdline()</function> will
348 retrieve an array of command line arguments (as stored in
349 <filename>/proc/<replaceable>pid</replaceable>/cmdline</filename>). Note
350 that kernel threads do not have a command line, in which case
351 -ENXIO is returned.</para>
353 <para><function>sd_bus_creds_get_cgroup()</function> will retrieve
354 the control group path. See <ulink
355 url="https://www.kernel.org/doc/Documentation/cgroup-v1/cgroups.txt">cgroups.txt</ulink>.
358 <para><function>sd_bus_creds_get_unit()</function> will retrieve
359 the systemd unit name (in the system instance of systemd) that the
360 process is a part of. See
361 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. For
362 processes that are not part of a unit, returns -ENXIO.
365 <para><function>sd_bus_creds_get_user_unit()</function> will
366 retrieve the systemd unit name (in the user instance of systemd)
367 that the process is a part of. See
368 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. For
369 processes that are not part of a user unit, returns -ENXIO.
372 <para><function>sd_bus_creds_get_slice()</function> will retrieve
373 the systemd slice (a unit in the system instance of systemd) that
374 the process is a part of. See
375 <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Similarly,
376 <function>sd_bus_creds_get_user_slice()</function> retrieves the
377 systemd slice of the process, in the user instance of systemd.
380 <para><function>sd_bus_creds_get_session()</function> will
381 retrieve the identifier of the login session that the process is
382 a part of. Please note the login session may be limited to a stub
383 process or two. User processes may instead be started from their
384 elogind user manager, e.g. GUI applications started using DBus
385 activation, as well as service processes which are shared between
386 multiple logins of the same user. For processes that are not part
387 of a session, returns -ENXIO.</para>
389 <para><function>sd_bus_creds_get_owner_uid()</function> will
390 retrieve the numeric UID (user identifier) of the user who owns
391 the user unit or login session that the process is a part of. See
392 <citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
393 For processes that are not part of a user unit or session, returns
397 <para><function>sd_bus_creds_has_effective_cap()</function> will check whether the capability specified by
398 <parameter>capability</parameter> was set in the effective capabilities mask. A positive return value means that it
399 was set, zero means that it was not set, and a negative return value indicates an error. See <citerefentry
400 project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry> and the
401 <varname>AmbientCapabilities=</varname> and <varname>CapabilityBoundingSet=</varname> settings in
402 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
405 <para><function>sd_bus_creds_has_permitted_cap()</function> is
406 similar to <function>sd_bus_creds_has_effective_cap()</function>,
407 but will check the permitted capabilities mask.</para>
409 <para><function>sd_bus_creds_has_inheritable_cap()</function> is
410 similar to <function>sd_bus_creds_has_effective_cap()</function>,
411 but will check the inheritable capabilities mask.</para>
413 <para><function>sd_bus_creds_has_bounding_cap()</function> is
414 similar to <function>sd_bus_creds_has_effective_cap()</function>,
415 but will check the bounding capabilities mask.</para>
417 <para><function>sd_bus_creds_get_selinux_context()</function> will
418 retrieve the SELinux security context (label) of the process.</para>
420 <para><function>sd_bus_creds_get_audit_session_id()</function>
421 will retrieve the audit session identifier of the process. Returns
422 -ENXIO for processes that are not part of an audit session.</para>
424 <para><function>sd_bus_creds_get_audit_login_uid()</function> will
425 retrieve the audit user login identifier (the identifier of the
426 user who is "responsible" for the session). Returns -ENXIO for
427 processes that are not part of an audit session.</para>
429 <para><function>sd_bus_creds_get_tty()</function> will retrieve
430 the controlling TTY, without the prefixing "/dev/". Returns -ENXIO
431 for processes that have no controlling TTY.</para>
433 <para><function>sd_bus_creds_get_unique_name()</function> will
434 retrieve the D-Bus unique name. See <ulink
435 url="http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus">The
436 D-Bus specification</ulink>.</para>
438 <para><function>sd_bus_creds_get_well_known_names()</function> will
439 retrieve the set of D-Bus well-known names. See <ulink
440 url="http://dbus.freedesktop.org/doc/dbus-specification.html#message-protocol-names-bus">The
441 D-Bus specification</ulink>.</para>
443 <para><function>sd_bus_creds_get_description()</function> will
444 retrieve a descriptive name of the bus connection of the
445 peer. This name is useful to discern multiple bus connections by
446 the same peer, and may be altered by the peer with the
447 <citerefentry><refentrytitle>sd_bus_set_description</refentrytitle><manvolnum>3</manvolnum></citerefentry>
450 <para>All functions that take a <parameter>const
451 char**</parameter> parameter will store the answer there as an
452 address of a NUL-terminated string. It will be valid as long as
453 <parameter>c</parameter> remains valid, and should not be freed or
454 modified by the caller.</para>
456 <para>All functions that take a <parameter>char***</parameter>
457 parameter will store the answer there as an address of an array
458 of strings. Each individual string is NUL-terminated, and the
459 array is NULL-terminated as a whole. It will be valid as long as
460 <parameter>c</parameter> remains valid, and should not be freed or
461 modified by the caller.</para>
465 <title>Return Value</title>
467 <para>On success, these calls return 0 or a positive integer. On
468 failure, these calls return a negative errno-style error code.
473 <title>Errors</title>
475 <para>Returned errors may indicate the following problems:</para>
479 <term><constant>-ENODATA</constant></term>
481 <listitem><para>The given field is not available in the
482 credentials object <parameter>c</parameter>.</para>
487 <term><constant>-ENXIO</constant></term>
489 <listitem><para>The given field is not specified for the described
490 process or peer. This will be returned by
491 <function>sd_bus_creds_get_unit()</function>,
492 <function>sd_bus_creds_get_slice()</function>,
493 <function>sd_bus_creds_get_user_unit()</function>,
494 <function>sd_bus_creds_get_user_slice()</function>, and
495 <function>sd_bus_creds_get_session()</function> if the process is
496 not part of a systemd system unit, systemd user unit, systemd
497 slice, or logind session. It will be returned by
498 <function>sd_bus_creds_get_owner_uid()</function> if the process is
499 not part of a elogind user unit or logind session. It will also be
500 returned by <function>sd_bus_creds_get_exe()</function> and
501 <function>sd_bus_creds_get_cmdline()</function> for kernel
502 threads (since these are not started from an executable binary,
503 nor have a command line), and by
504 <function>sd_bus_creds_get_audit_session_id()</function> and
505 <function>sd_bus_creds_get_audit_login_uid()</function> when
506 the process is not part of an audit session, and
507 <function>sd_bus_creds_get_tty()</function> if the process has
514 <term><constant>-EINVAL</constant></term>
516 <listitem><para>Specified pointer parameter is <constant>NULL</constant>.
521 <term><constant>-ENOMEM</constant></term>
523 <listitem><para>Memory allocation failed.</para></listitem>
528 <xi:include href="libelogind-pkgconfig.xml" />
531 <title>See Also</title>
534 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
535 <citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
536 <citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
537 <citerefentry project='man-pages'><refentrytitle>fork</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
538 <citerefentry project='man-pages'><refentrytitle>execve</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
539 <citerefentry project='man-pages'><refentrytitle>credentials</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
540 <citerefentry project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
541 <citerefentry project='man-pages'><refentrytitle>proc</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
542 <citerefentry><refentrytitle>systemd.journal-fields</refentrytitle><manvolnum>7</manvolnum></citerefentry>