summaryrefslogtreecommitdiffstats
path: root/man/sd_bus_query_sender_creds.xml
blob: f7c802bee9fcfa2d6a8898fc7d7414691214b875 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
<?xml version='1.0'?> <!--*-nxml-*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
<!-- SPDX-License-Identifier: LGPL-2.1-or-later -->

<refentry id="sd_bus_query_sender_creds" xmlns:xi="http://www.w3.org/2001/XInclude">

  <refentryinfo>
    <title>sd_bus_query_sender_creds</title>
    <productname>systemd</productname>
  </refentryinfo>

  <refmeta>
    <refentrytitle>sd_bus_query_sender_creds</refentrytitle>
    <manvolnum>3</manvolnum>
  </refmeta>

  <refnamediv>
    <refname>sd_bus_query_sender_creds</refname>
    <refname>sd_bus_query_sender_privilege</refname>

    <refpurpose>Query bus message sender credentials/privileges</refpurpose>
  </refnamediv>

  <refsynopsisdiv>
    <funcsynopsis>
      <funcsynopsisinfo>#include &lt;systemd/sd-bus.h&gt;</funcsynopsisinfo>

      <funcprototype>
        <funcdef>int <function>sd_bus_query_sender_creds</function></funcdef>
        <paramdef>sd_bus_message *<parameter>m</parameter></paramdef>
        <paramdef>uint64_t <parameter>mask</parameter></paramdef>
        <paramdef>sd_bus_creds **<parameter>creds</parameter></paramdef>
      </funcprototype>

      <funcprototype>
        <funcdef>sd_bus_error* <function>sd_bus_query_sender_privilege</function></funcdef>
        <paramdef>sd_bus_message *<parameter>m</parameter></paramdef>
        <paramdef>int <parameter>capability</parameter></paramdef>
      </funcprototype>
    </funcsynopsis>
  </refsynopsisdiv>

  <refsect1>
    <title>Description</title>

    <para><function>sd_bus_query_sender_creds()</function> returns the credentials of the message
    <parameter>m</parameter>. The <parameter>mask</parameter> parameter is a combo of
    <constant index='false'>SD_BUS_CREDS_*</constant> flags that indicate which credential info the caller is
    interested in. See
    <citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>
    for a list of possible flags. First, this message checks if the requested credentials are attached to the
    message itself. If not, but the message contains the pid of the sender and the caller specified the
    <constant index='false'>SD_BUS_CREDS_AUGMENT</constant> flag, this function tries to figure out
    the missing credentials via other means (starting from the pid). If the pid isn't available but the
    message has a sender, this function calls
    <citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
    to get the requested credentials. If the message has no sender (when a direct connection is used), this
    function calls
    <citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
    to get the requested credentials. On success, the requested credentials are stored in
    <parameter>creds</parameter>. Ownership of the credentials object in <parameter>creds</parameter> is
    transferred to the caller and should be freed by calling
    <citerefentry><refentrytitle>sd_bus_creds_unref</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
    </para>

    <para><function>sd_bus_query_sender_privilege()</function> checks if the message <parameter>m</parameter>
    has the requested privileges. If <parameter>capability</parameter> is a non-negative integer, this
    function checks if the message has the capability with the same value. See
    <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
    for a list of capabilities. If <parameter>capability</parameter> is a negative integer, this function
    returns whether the sender of the message runs as the same user as the receiver of the message, or if the
    sender of the message runs as root and the receiver of the message does not run as root. On success and
    if the message has the requested privileges, this function returns a positive integer. If the message
    does not have the requested privileges, this function returns zero.</para>
  </refsect1>

  <refsect1>
    <title>Return Value</title>

    <para>On success, these functions return a non-negative integer. On failure, they return a negative
    errno-style error code.</para>

    <refsect2>
      <title>Errors</title>

      <para>Returned errors may indicate the following problems:</para>

      <variablelist>
        <varlistentry>
          <term><constant>-EINVAL</constant></term>

          <listitem><para>The message <parameter>m</parameter> or an output parameter is
          <constant>NULL</constant>.</para>

          <xi:include href="version-info.xml" xpointer="v246"/></listitem>
        </varlistentry>

        <varlistentry>
          <term><constant>-ENOTCONN</constant></term>

          <listitem><para>The bus of <parameter>m</parameter> is not connected.</para>

          <xi:include href="version-info.xml" xpointer="v246"/></listitem>
        </varlistentry>

        <varlistentry>
          <term><constant>-ECHILD</constant></term>

          <listitem><para>The bus of <parameter>m</parameter> was created in a different process, library or module instance.
          </para>

          <xi:include href="version-info.xml" xpointer="v246"/></listitem>
        </varlistentry>

        <varlistentry>
          <term><constant>-EPERM</constant></term>

          <listitem><para>The message <parameter>m</parameter> is not sealed.</para>

          <xi:include href="version-info.xml" xpointer="v246"/></listitem>
        </varlistentry>
      </variablelist>
    </refsect2>
  </refsect1>

  <xi:include href="libsystemd-pkgconfig.xml" />

  <refsect1>
    <title>History</title>
    <para><function>sd_bus_query_sender_creds()</function> and
    <function>sd_bus_query_sender_privilege()</function> were added in version 246.</para>
  </refsect1>

  <refsect1>
    <title>See Also</title>

    <para><simplelist type="inline">
      <member><citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry></member>
      <member><citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry></member>
      <member><citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry></member>
      <member><citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry></member>
      <member><citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry></member>
      <member><citerefentry><refentrytitle>sd_bus_creds_unref</refentrytitle><manvolnum>3</manvolnum></citerefentry></member>
      <member><citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry></member>
    </simplelist></para>
  </refsect1>
</refentry>