mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-22 13:33:56 +03:00
man: fully document sd_bus_creds subsystem
[@zonque: typo fixed, reported by @ronnychevalier]
This commit is contained in:
parent
9d3e5d11be
commit
f6f7a9848e
@ -227,6 +227,7 @@ MANPAGES_ALIAS += \
|
||||
man/reboot.8 \
|
||||
man/sd_bus_creds_get_audit_login_uid.3 \
|
||||
man/sd_bus_creds_get_audit_session_id.3 \
|
||||
man/sd_bus_creds_get_augmented_mask.3 \
|
||||
man/sd_bus_creds_get_cgroup.3 \
|
||||
man/sd_bus_creds_get_cmdline.3 \
|
||||
man/sd_bus_creds_get_comm.3 \
|
||||
@ -252,6 +253,7 @@ MANPAGES_ALIAS += \
|
||||
man/sd_bus_creds_get_uid.3 \
|
||||
man/sd_bus_creds_get_unique_name.3 \
|
||||
man/sd_bus_creds_get_unit.3 \
|
||||
man/sd_bus_creds_get_user_slice.3 \
|
||||
man/sd_bus_creds_get_user_unit.3 \
|
||||
man/sd_bus_creds_get_well_known_names.3 \
|
||||
man/sd_bus_creds_has_bounding_cap.3 \
|
||||
@ -511,6 +513,7 @@ man/poweroff.8: man/halt.8
|
||||
man/reboot.8: man/halt.8
|
||||
man/sd_bus_creds_get_audit_login_uid.3: man/sd_bus_creds_get_pid.3
|
||||
man/sd_bus_creds_get_audit_session_id.3: man/sd_bus_creds_get_pid.3
|
||||
man/sd_bus_creds_get_augmented_mask.3: man/sd_bus_creds_new_from_pid.3
|
||||
man/sd_bus_creds_get_cgroup.3: man/sd_bus_creds_get_pid.3
|
||||
man/sd_bus_creds_get_cmdline.3: man/sd_bus_creds_get_pid.3
|
||||
man/sd_bus_creds_get_comm.3: man/sd_bus_creds_get_pid.3
|
||||
@ -536,6 +539,7 @@ man/sd_bus_creds_get_tty.3: man/sd_bus_creds_get_pid.3
|
||||
man/sd_bus_creds_get_uid.3: man/sd_bus_creds_get_pid.3
|
||||
man/sd_bus_creds_get_unique_name.3: man/sd_bus_creds_get_pid.3
|
||||
man/sd_bus_creds_get_unit.3: man/sd_bus_creds_get_pid.3
|
||||
man/sd_bus_creds_get_user_slice.3: man/sd_bus_creds_get_pid.3
|
||||
man/sd_bus_creds_get_user_unit.3: man/sd_bus_creds_get_pid.3
|
||||
man/sd_bus_creds_get_well_known_names.3: man/sd_bus_creds_get_pid.3
|
||||
man/sd_bus_creds_has_bounding_cap.3: man/sd_bus_creds_get_pid.3
|
||||
@ -925,6 +929,9 @@ man/sd_bus_creds_get_audit_login_uid.html: man/sd_bus_creds_get_pid.html
|
||||
man/sd_bus_creds_get_audit_session_id.html: man/sd_bus_creds_get_pid.html
|
||||
$(html-alias)
|
||||
|
||||
man/sd_bus_creds_get_augmented_mask.html: man/sd_bus_creds_new_from_pid.html
|
||||
$(html-alias)
|
||||
|
||||
man/sd_bus_creds_get_cgroup.html: man/sd_bus_creds_get_pid.html
|
||||
$(html-alias)
|
||||
|
||||
@ -1000,6 +1007,9 @@ man/sd_bus_creds_get_unique_name.html: man/sd_bus_creds_get_pid.html
|
||||
man/sd_bus_creds_get_unit.html: man/sd_bus_creds_get_pid.html
|
||||
$(html-alias)
|
||||
|
||||
man/sd_bus_creds_get_user_slice.html: man/sd_bus_creds_get_pid.html
|
||||
$(html-alias)
|
||||
|
||||
man/sd_bus_creds_get_user_unit.html: man/sd_bus_creds_get_pid.html
|
||||
$(html-alias)
|
||||
|
||||
|
@ -61,8 +61,9 @@
|
||||
<refname>sd_bus_creds_get_cmdline</refname>
|
||||
<refname>sd_bus_creds_get_cgroup</refname>
|
||||
<refname>sd_bus_creds_get_unit</refname>
|
||||
<refname>sd_bus_creds_get_user_unit</refname>
|
||||
<refname>sd_bus_creds_get_slice</refname>
|
||||
<refname>sd_bus_creds_get_user_unit</refname>
|
||||
<refname>sd_bus_creds_get_user_slice</refname>
|
||||
<refname>sd_bus_creds_get_session</refname>
|
||||
<refname>sd_bus_creds_get_owner_uid</refname>
|
||||
<refname>sd_bus_creds_has_effective_cap</refname>
|
||||
@ -192,6 +193,12 @@
|
||||
<paramdef>const char **<parameter>unit</parameter></paramdef>
|
||||
</funcprototype>
|
||||
|
||||
<funcprototype>
|
||||
<funcdef>int <function>sd_bus_creds_get_slice</function></funcdef>
|
||||
<paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
|
||||
<paramdef>const char **<parameter>slice</parameter></paramdef>
|
||||
</funcprototype>
|
||||
|
||||
<funcprototype>
|
||||
<funcdef>int <function>sd_bus_creds_get_user_unit</function></funcdef>
|
||||
<paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
|
||||
@ -199,7 +206,7 @@
|
||||
</funcprototype>
|
||||
|
||||
<funcprototype>
|
||||
<funcdef>int <function>sd_bus_creds_get_slice</function></funcdef>
|
||||
<funcdef>int <function>sd_bus_creds_get_user_slice</function></funcdef>
|
||||
<paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
|
||||
<paramdef>const char **<parameter>slice</parameter></paramdef>
|
||||
</funcprototype>
|
||||
@ -288,9 +295,9 @@
|
||||
<refsect1>
|
||||
<title>Description</title>
|
||||
|
||||
<para>These functions return information from an
|
||||
<parameter>sd_bus_creds</parameter> credential object. Credential
|
||||
objects may be created with
|
||||
<para>These functions return credential information from an
|
||||
<parameter>sd_bus_creds</parameter> object. Credential objects may
|
||||
be created with
|
||||
<citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
in which case they describe the credentials of the process
|
||||
identified by the specified PID, with
|
||||
@ -301,7 +308,13 @@
|
||||
in which case they describe the credentials of the creator of a
|
||||
bus, or with
|
||||
<citerefentry><refentrytitle>sd_bus_message_get_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
in which case they describe the credentials of the sender of the message.</para>
|
||||
in which case they describe the credentials of the sender of the
|
||||
message.</para>
|
||||
|
||||
<para>Not all credential fields are part of every
|
||||
<literal>sd_bus_creds</literal> object. Use
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_mask</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
to determine the mask of fields available.</para>
|
||||
|
||||
<para><function>sd_bus_creds_get_pid()</function> will retrieve
|
||||
the PID (process identifier). Similar,
|
||||
@ -374,19 +387,22 @@
|
||||
<para><function>sd_bus_creds_get_slice()</function> will retrieve
|
||||
the systemd slice (a unit in the system instance of systemd) that
|
||||
the process is part of. See
|
||||
<citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
|
||||
<citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Similar,
|
||||
<function>sd_bus_creds_get_user_slice()</function> retrieves the
|
||||
systemd slice of the process, in the user instance of systemd.
|
||||
</para>
|
||||
|
||||
<para><function>sd_bus_creds_get_session()</function> will
|
||||
retrieve the logind session that the process is part of. See
|
||||
retrieve the identifier of the login session that the process is
|
||||
part of. See
|
||||
<citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>. For
|
||||
processes that are not part of a session returns -ENXIO.
|
||||
</para>
|
||||
|
||||
<para><function>sd_bus_creds_get_owner_uid()</function> will
|
||||
retrieve the numeric UID (user identifier) of the user who owns
|
||||
the session that the process is part of. See
|
||||
<citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
the login session that the process is part of. See
|
||||
<citerefentry><refentrytitle>systemd-logind.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
|
||||
For processes that are not part of a session returns -ENXIO.
|
||||
</para>
|
||||
|
||||
@ -395,7 +411,7 @@
|
||||
<parameter>capability</parameter> was set in the effective
|
||||
capabilities mask. A positive return value means that is was
|
||||
set, zero means that it was not set, and a negative return
|
||||
value signifies an error. See
|
||||
value indicates an error. See
|
||||
<citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
|
||||
and <varname>Capabilities=</varname> and
|
||||
<varname>CapabilityBoundingSet=</varname> settings in
|
||||
@ -427,8 +443,8 @@
|
||||
processes that are not part of an audit session.</para>
|
||||
|
||||
<para><function>sd_bus_creds_get_tty()</function> will retrieve
|
||||
the controlling TTY. Returns -ENXIO for processes that have no
|
||||
controlling TTY.</para>
|
||||
the controlling TTY, without the prefixing "/dev/". Returns -ENXIO
|
||||
for processes that have no controlling TTY.</para>
|
||||
|
||||
<para><function>sd_bus_creds_get_unique_name()</function> will
|
||||
retrieve the D-Bus unique name. See <ulink
|
||||
@ -489,8 +505,9 @@
|
||||
<listitem><para>Given field is not specified for the described
|
||||
process or peer. This will be returned by
|
||||
<function>sd_bus_get_unit()</function>,
|
||||
<function>sd_bus_get_user_unit()</function>,
|
||||
<function>sd_bus_get_slice()</function>,
|
||||
<function>sd_bus_get_user_unit()</function>,
|
||||
<function>sd_bus_get_user_slice()</function>,
|
||||
<function>sd_bus_get_session()</function>, and
|
||||
<function>sd_bus_get_owner_uid()</function> if the process is
|
||||
not part of a systemd system unit, systemd user unit, systemd
|
||||
@ -526,10 +543,11 @@
|
||||
<refsect1>
|
||||
<title>Notes</title>
|
||||
|
||||
<para><function>sd_bus_open_user()</function> and other functions
|
||||
described here are available as a shared library, which can be
|
||||
compiled and linked to with the
|
||||
<constant>libsystemd</constant> <citerefentry project='die-net'><refentrytitle>pkg-config</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
<para><function>sd_bus_creds_get_pid()</function> and the other
|
||||
functions described here are available as a shared library, which
|
||||
can be compiled and linked to with the
|
||||
<constant>libsystemd</constant> <citerefentry
|
||||
project='die-net'><refentrytitle>pkg-config</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
file.</para>
|
||||
</refsect1>
|
||||
|
||||
@ -539,8 +557,9 @@
|
||||
<para>
|
||||
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>fork</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>execve</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_new_from_pid</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
|
||||
<citerefentry project='man-pages'><refentrytitle>fork</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
|
||||
<citerefentry project='man-pages'><refentrytitle>execve</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
|
||||
<citerefentry project='man-pages'><refentrytitle>credentials</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
|
||||
<citerefentry project='man-pages'><refentrytitle>free</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry project='man-pages'><refentrytitle>proc</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
||||
|
@ -45,6 +45,7 @@
|
||||
<refnamediv>
|
||||
<refname>sd_bus_creds_new_from_pid</refname>
|
||||
<refname>sd_bus_creds_get_mask</refname>
|
||||
<refname>sd_bus_creds_get_augmented_mask</refname>
|
||||
<refname>sd_bus_creds_ref</refname>
|
||||
<refname>sd_bus_creds_unref</refname>
|
||||
|
||||
@ -67,6 +68,11 @@
|
||||
<paramdef>const sd_bus_creds *<parameter>c</parameter></paramdef>
|
||||
</funcprototype>
|
||||
|
||||
<funcprototype>
|
||||
<funcdef>uint64_t <function>sd_bus_creds_get_augmented_mask</function></funcdef>
|
||||
<paramdef>const sd_bus_creds *<parameter>c</parameter></paramdef>
|
||||
</funcprototype>
|
||||
|
||||
<funcprototype>
|
||||
<funcdef>sd_bus_creds *<function>sd_bus_creds_ref</function></funcdef>
|
||||
<paramdef>sd_bus_creds *<parameter>c</parameter></paramdef>
|
||||
@ -80,17 +86,26 @@
|
||||
|
||||
<para>
|
||||
<constant>SD_BUS_CREDS_PID</constant>,
|
||||
<constant>SD_BUS_CREDS_PPID</constant>,
|
||||
<constant>SD_BUS_CREDS_TID</constant>,
|
||||
<constant>SD_BUS_CREDS_UID</constant>,
|
||||
<constant>SD_BUS_CREDS_EUID</constant>,
|
||||
<constant>SD_BUS_CREDS_SUID</constant>,
|
||||
<constant>SD_BUS_CREDS_FSUID</constant>,
|
||||
<constant>SD_BUS_CREDS_GID</constant>,
|
||||
<constant>SD_BUS_CREDS_EGID</constant>,
|
||||
<constant>SD_BUS_CREDS_SGID</constant>,
|
||||
<constant>SD_BUS_CREDS_FSGID</constant>,
|
||||
<constant>SD_BUS_CREDS_SUPPLEMENTARY_GIDS</constant>,
|
||||
<constant>SD_BUS_CREDS_COMM</constant>,
|
||||
<constant>SD_BUS_CREDS_TID_COMM</constant>,
|
||||
<constant>SD_BUS_CREDS_EXE</constant>,
|
||||
<constant>SD_BUS_CREDS_CMDLINE</constant>,
|
||||
<constant>SD_BUS_CREDS_CGROUP</constant>,
|
||||
<constant>SD_BUS_CREDS_UNIT</constant>,
|
||||
<constant>SD_BUS_CREDS_USER_UNIT</constant>,
|
||||
<constant>SD_BUS_CREDS_SLICE</constant>,
|
||||
<constant>SD_BUS_CREDS_USER_UNIT</constant>,
|
||||
<constant>SD_BUS_CREDS_USER_SLICE</constant>,
|
||||
<constant>SD_BUS_CREDS_SESSION</constant>,
|
||||
<constant>SD_BUS_CREDS_OWNER_UID</constant>,
|
||||
<constant>SD_BUS_CREDS_EFFECTIVE_CAPS</constant>,
|
||||
@ -100,8 +115,11 @@
|
||||
<constant>SD_BUS_CREDS_SELINUX_CONTEXT</constant>,
|
||||
<constant>SD_BUS_CREDS_AUDIT_SESSION_ID</constant>,
|
||||
<constant>SD_BUS_CREDS_AUDIT_LOGIN_UID</constant>,
|
||||
<constant>SD_BUS_CREDS_TTY</constant>,
|
||||
<constant>SD_BUS_CREDS_UNIQUE_NAME</constant>,
|
||||
<constant>SD_BUS_CREDS_WELL_KNOWN_NAMES</constant>,
|
||||
<constant>SD_BUS_CREDS_DESCRIPTION</constant>,
|
||||
<constant>SD_BUS_CREDS_AUGMENT</constant>,
|
||||
<constant>_SD_BUS_CREDS_ALL</constant>
|
||||
</para>
|
||||
</refsynopsisdiv>
|
||||
@ -109,25 +127,39 @@
|
||||
<refsect1>
|
||||
<title>Description</title>
|
||||
|
||||
<para><function>sd_bus_creds_new_from_pid()</function> creates a new
|
||||
credentials object and fills it with information about the process
|
||||
<parameter>pid</parameter>. This pointer to this object will
|
||||
be stored in <parameter>ret</parameter> pointer.</para>
|
||||
<para><function>sd_bus_creds_new_from_pid()</function> creates a
|
||||
new credentials object and fills it with information about the
|
||||
process <parameter>pid</parameter>. The pointer to this object
|
||||
will be stored in <parameter>ret</parameter> pointer. Note that
|
||||
credential objects may also be created and retrieved via
|
||||
<citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
and
|
||||
<citerefentry><refentrytitle>sd_bus_message_get_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>.</para>
|
||||
|
||||
<para>The information that will be stored is determined by
|
||||
<parameter>creds_mask</parameter>. It may contain a subset of ORed
|
||||
constants <constant>SD_BUS_CREDS_PID</constant>,
|
||||
<constant>SD_BUS_CREDS_PPID</constant>,
|
||||
<constant>SD_BUS_CREDS_TID</constant>,
|
||||
<constant>SD_BUS_CREDS_UID</constant>,
|
||||
<constant>SD_BUS_CREDS_EUID</constant>,
|
||||
<constant>SD_BUS_CREDS_SUID</constant>,
|
||||
<constant>SD_BUS_CREDS_FSUID</constant>,
|
||||
<constant>SD_BUS_CREDS_GID</constant>,
|
||||
<constant>SD_BUS_CREDS_EGID</constant>,
|
||||
<constant>SD_BUS_CREDS_SGID</constant>,
|
||||
<constant>SD_BUS_CREDS_FSGID</constant>,
|
||||
<constant>SD_BUS_CREDS_SUPPLEMENTARY_GIDS</constant>,
|
||||
<constant>SD_BUS_CREDS_COMM</constant>,
|
||||
<constant>SD_BUS_CREDS_TID_COMM</constant>,
|
||||
<constant>SD_BUS_CREDS_EXE</constant>,
|
||||
<constant>SD_BUS_CREDS_CMDLINE</constant>,
|
||||
<constant>SD_BUS_CREDS_CGROUP</constant>,
|
||||
<constant>SD_BUS_CREDS_UNIT</constant>,
|
||||
<constant>SD_BUS_CREDS_USER_UNIT</constant>,
|
||||
<constant>SD_BUS_CREDS_SLICE</constant>,
|
||||
<constant>SD_BUS_CREDS_USER_UNIT</constant>,
|
||||
<constant>SD_BUS_CREDS_USER_SLICE</constant>,
|
||||
<constant>SD_BUS_CREDS_SESSION</constant>,
|
||||
<constant>SD_BUS_CREDS_OWNER_UID</constant>,
|
||||
<constant>SD_BUS_CREDS_EFFECTIVE_CAPS</constant>,
|
||||
@ -137,34 +169,71 @@
|
||||
<constant>SD_BUS_CREDS_SELINUX_CONTEXT</constant>,
|
||||
<constant>SD_BUS_CREDS_AUDIT_SESSION_ID</constant>,
|
||||
<constant>SD_BUS_CREDS_AUDIT_LOGIN_UID</constant>,
|
||||
<constant>SD_BUS_CREDS_TTY</constant>,
|
||||
<constant>SD_BUS_CREDS_UNIQUE_NAME</constant>,
|
||||
<constant>SD_BUS_CREDS_WELL_KNOWN_NAMES</constant>,
|
||||
or <constant>_SD_BUS_CREDS_ALL</constant> to indicate
|
||||
all known fields.</para>
|
||||
<constant>SD_BUS_CREDS_DESCRIPTION</constant>. Use the special
|
||||
value <constant>_SD_BUS_CREDS_ALL</constant> to request all
|
||||
supported fields. The <constant>SD_BUS_CREDS_AUGMENT</constant>
|
||||
may not be ORed into the mask for invocations of
|
||||
<function>sd_bus_creds_new_from_pid()</function>.</para>
|
||||
|
||||
<para>Fields can be retrieved from the credentials object using
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
and other functions which correspond directly to the constants
|
||||
listed above.</para>
|
||||
|
||||
<para>A mask of fields which were actually successfully set
|
||||
(acquired from <filename>/proc</filename>, etc.) can be retrieved
|
||||
with <function>sd_bus_creds_get_mask()</function>. If the
|
||||
credentials object was created with
|
||||
<para>A mask of fields which were actually successfully retrieved
|
||||
can be retrieved with
|
||||
<function>sd_bus_creds_get_mask()</function>. If the credentials
|
||||
object was created with
|
||||
<function>sd_bus_creds_new_from_pid()</function>, this will be a
|
||||
subset of fields requested in <parameter>creds_mask</parameter>.
|
||||
</para>
|
||||
|
||||
<para><function>sd_bus_creds_ref</function> creates a new
|
||||
<para>Similar to <function>sd_bus_creds_get_mask()</function> the
|
||||
function <function>sd_bus_creds_get_augmented_mask()</function>
|
||||
returns a bitmask of field constants. The mask indicates which
|
||||
credential fields have been retrieved in a non-atomic fashion. For
|
||||
credential objects created via
|
||||
<function>sd_bus_creds_new_from_pid()</function> this mask will be
|
||||
identical to the mask returned by
|
||||
<function>sd_bus_creds_get_mask()</function>. However, for
|
||||
credential objects retrieved via
|
||||
<function>sd_bus_get_name_creds()</function> this mask will be set
|
||||
for the credential fields that could not be determined atomically
|
||||
at peer connection time, and which were later added by reading
|
||||
augmenting credential data from
|
||||
<filename>/proc</filename>. Similar, for credential objects
|
||||
retrieved via <function>sd_bus_get_owner_creds()</function> the
|
||||
mask is set for the fields that could not be determined atomically
|
||||
at bus creation time, but have been augmented. Similar, for
|
||||
credential objects retrieved via
|
||||
<function>sd_bus_message_get_creds()</function> the mask is set
|
||||
for the fields that could not be determined atomically at message
|
||||
send time, but have been augmented. The mask returned by
|
||||
<function>sd_bus_creds_get_augmented_mask()</function> is always a
|
||||
subset of (or identical to) the mask returned by
|
||||
<function>sd_bus_creds_get_mask()</function> for the same
|
||||
object. The latter call hence returns all credential fields
|
||||
available in the credential object, the former then marks the
|
||||
subset of those that have been augmented. Note that augmented
|
||||
fields are unsuitable for authorization decisions as they may be
|
||||
retrieved at different times, thus being subject to races. Hence
|
||||
augmented fields should be used exclusively for informational
|
||||
purposes.
|
||||
</para>
|
||||
|
||||
<para><function>sd_bus_creds_ref()</function> creates a new
|
||||
reference to the credentials object <parameter>c</parameter>. This
|
||||
object will not be destroyed until
|
||||
<function>sd_bus_creds_unref</function> has been called as many
|
||||
<function>sd_bus_creds_unref()</function> has been called as many
|
||||
times plus once more. Once the reference count has dropped to zero,
|
||||
<parameter>c</parameter> cannot be used anymore, so further
|
||||
calls to <function>sd_bus_creds_ref(c)</function> or
|
||||
<function>sd_bus_creds_unref(c)</function> are illegal.</para>
|
||||
|
||||
<para><function>sd_bus_creds_unref</function> destroys a reference
|
||||
<para><function>sd_bus_creds_unref()</function> destroys a reference
|
||||
to <parameter>c</parameter>.</para>
|
||||
</refsect1>
|
||||
|
||||
@ -178,10 +247,15 @@
|
||||
<para><function>sd_bus_creds_get_mask()</function> returns the
|
||||
mask of successfully acquired fields.</para>
|
||||
|
||||
<para><function>sd_bus_creds_ref</function> always returns the
|
||||
<para><function>sd_bus_creds_get_augmented_mask()</function>
|
||||
returns the mask of fields that have been augmented from data in
|
||||
<filename>/proc</filename>, and are thus not suitable for
|
||||
authorization decisions.</para>
|
||||
|
||||
<para><function>sd_bus_creds_ref()</function> always returns the
|
||||
argument.</para>
|
||||
|
||||
<para><function>sd_bus_creds_unref</function> always returns
|
||||
<para><function>sd_bus_creds_unref()</function> always returns
|
||||
<constant>NULL</constant>.</para>
|
||||
</refsect1>
|
||||
|
||||
@ -222,16 +296,23 @@
|
||||
|
||||
<listitem><para>Memory allocation failed.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><constant>-EOPNOTSUPP</constant></term>
|
||||
|
||||
<listitem><para>One of the requested fields is unknown to the local system.</para></listitem>
|
||||
</varlistentry>
|
||||
</variablelist>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
<title>Notes</title>
|
||||
|
||||
<para><function>sd_bus_creds_new_from_pid()</function> is
|
||||
available as a shared library, which can be compiled and linked to
|
||||
with the
|
||||
<constant>libsystemd</constant> <citerefentry project='die-net'><refentrytitle>pkg-config</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
<para><function>sd_bus_creds_new_from_pid()</function> and the
|
||||
other calls described here are available as a shared library,
|
||||
which can be compiled and linked to with the
|
||||
<constant>libsystemd</constant> <citerefentry
|
||||
project='die-net'><refentrytitle>pkg-config</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
file.</para>
|
||||
</refsect1>
|
||||
|
||||
@ -241,31 +322,10 @@
|
||||
<para>
|
||||
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd-bus</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_ref</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_unref</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_pid</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_tid</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_uid</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_gid</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_comm</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_tid_comm</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_exe</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_cmdline</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_cgroup</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_unit</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_user_unit</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_slice</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_session</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_owner_uid</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_has_effective_cap</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_has_permitted_cap</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_has_inheritable_cap</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_has_bounding_cap</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_selinux_context</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_audit_session_id</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_audit_login_uid</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_unique_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_creds_get_well_known_names</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
<citerefentry><refentrytitle>sd_bus_get_name_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_get_owner_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
|
||||
<citerefentry><refentrytitle>sd_bus_message_get_creds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
</para>
|
||||
</refsect1>
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user