sd_bus_query_sender_creds
systemd
sd_bus_query_sender_creds
3
sd_bus_query_sender_creds
sd_bus_query_sender_privilege
Query bus message sender credentials/privileges
#include <systemd/sd-bus.h>
int sd_bus_query_sender_creds
sd_bus_message *m
uint64_t mask
sd_bus_creds **creds
sd_bus_error* sd_bus_query_sender_privilege
sd_bus_message *m
int capability
Description
sd_bus_query_sender_creds() returns the credentials of the message
m. The mask parameter is a combo of
SD_BUS_CREDS_* flags that indicate which credential info the caller is
interested in. See
sd_bus_creds_new_from_pid3
for a list of possible flags. First, this message checks if the requested credentials are attached to the
message itself. If not, but the message contains the pid of the sender and the caller specified the
SD_BUS_CREDS_AUGMENT flag, this function tries to figure out
the missing credentials via other means (starting from the pid). If the pid isn't available but the
message has a sender, this function calls
sd_bus_get_name_creds3
to get the requested credentials. If the message has no sender (when a direct connection is used), this
function calls
sd_bus_get_owner_creds3
to get the requested credentials. On success, the requested credentials are stored in
creds. Ownership of the credentials object in creds is
transferred to the caller and should be freed by calling
sd_bus_creds_unref3.
sd_bus_query_sender_privilege() checks if the message m
has the requested privileges. If capability is a non-negative integer, this
function checks if the message has the capability with the same value. See
capabilities7
for a list of capabilities. If capability is a negative integer, this function
returns whether the sender of the message runs as the same user as the receiver of the message, or if the
sender of the message runs as root and the receiver of the message does not run as root. On success and
if the message has the requested privileges, this function returns a positive integer. If the message
does not have the requested privileges, this function returns zero.
Return Value
On success, these functions return a non-negative integer. On failure, they return a negative
errno-style error code.
Errors
Returned errors may indicate the following problems:
-EINVAL
The message m or an output parameter is
NULL.
-ENOTCONN
The bus of m is not connected.
-ECHILD
The bus of m was created in a different process, library or module instance.
-EPERM
The message m is not sealed.
History
sd_bus_query_sender_creds() and
sd_bus_query_sender_privilege() were added in version 246.
See Also
systemd1,
sd-bus3,
sd_bus_creds_new_from_pid3,
sd_bus_get_name_creds3,
sd_bus_get_owner_creds3,
sd_bus_creds_unref3,
capabilities7