1SD_BUS_QUERY_SENDER_CREDS(3)sd_bus_query_sender_credSsD_BUS_QUERY_SENDER_CREDS(3)
2
3
4

NAME

6       sd_bus_query_sender_creds, sd_bus_query_sender_privilege - Query bus
7       message sender credentials/privileges
8

SYNOPSIS

10       #include <systemd/sd-bus.h>
11
12       int sd_bus_query_sender_creds(sd_bus_message *m, uint64_t mask,
13                                     sd_bus_creds **creds);
14
15       sd_bus_error* sd_bus_query_sender_privilege(sd_bus_message *m,
16                                                   int capability);
17

DESCRIPTION

19       sd_bus_query_sender_creds() returns the credentials of the message m.
20       The mask parameter is a combo of SD_BUS_CREDS_* flags that indicate
21       which credential info the caller is interested in. See
22       sd_bus_creds_new_from_pid(3) for a list of possible flags. First, this
23       message checks if the requested credentials are attached to the message
24       itself. If not but the message contains the pid of the sender, this
25       function tries to figure out the missing credentials via other means
26       (starting from the pid). If the pid isn't available but the message has
27       a sender, this function calls sd_bus_get_name_creds(3) to get the
28       requested credentials. If the message has no sender (when a direct
29       connection is used), this function calls sd_bus_get_owner_creds(3) to
30       get the requested credentials. On success, the requested credentials
31       are stored in creds. Ownership of the credentials object in creds is
32       transferred to the caller and should be freed by calling
33       sd_bus_creds_unref(3).
34
35       sd_bus_query_sender_privilege() checks if the message m has the
36       requested privileges. If capability is a non-negative integer, this
37       function checks if the message has the capability with the same value.
38       See capabilities(7) for a list of capabilities. If capability is a
39       negative integer, this function returns whether the sender of the
40       message runs as the same user as the receiver of the message, or if the
41       sender of the message runs as root and the receiver of the message does
42       not run as root. On success and if the message has the requested
43       privileges, this function returns a positive integer. If the message
44       does not have the requested privileges, this function returns zero.
45

RETURN VALUE

47       On success, these functions return a non-negative integer. On failure,
48       they return a negative errno-style error code.
49
50   Errors
51       Returned errors may indicate the following problems:
52
53       -EINVAL
54           The message m or an output parameter is NULL.
55
56       -ENOTCONN
57           The bus of m is not connected.
58
59       -ECHILD
60           The bus of m was created in a different process.
61
62       -EPERM
63           The message m is not sealed.
64

NOTES

66       These APIs are implemented as a shared library, which can be compiled
67       and linked to with the libsystemd pkg-config(1) file.
68

SEE ALSO

70       systemd(1), sd-bus(3), sd_bus_creds_new_from_pid(3),
71       sd_bus_get_name_creds(3), sd_bus_get_owner_creds(3),
72       sd_bus_creds_unref(3), capabilities(7)
73
74
75
76systemd 246                                       SD_BUS_QUERY_SENDER_CREDS(3)
Impressum