2012-07-14 00:55:52 +04:00
<?xml version='1.0'?> <!-- * - nxml - * -->
2019-03-14 16:40:58 +03:00
< !DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
2015-06-18 20:47:44 +03:00
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
2020-11-09 07:23:58 +03:00
<!-- SPDX - License - Identifier: LGPL - 2.1 - or - later -->
2012-07-14 00:55:52 +04:00
2018-06-06 12:59:04 +03:00
<refentry id= "sd_id128_get_machine" xmlns:xi= "http://www.w3.org/2001/XInclude" >
2012-07-14 00:55:52 +04:00
2015-02-04 05:14:13 +03:00
<refentryinfo >
<title > sd_id128_get_machine</title>
<productname > systemd</productname>
</refentryinfo>
<refmeta >
<refentrytitle > sd_id128_get_machine</refentrytitle>
<manvolnum > 3</manvolnum>
</refmeta>
<refnamediv >
<refname > sd_id128_get_machine</refname>
2016-11-17 19:07:46 +03:00
<refname > sd_id128_get_machine_app_specific</refname>
2015-02-04 05:14:13 +03:00
<refname > sd_id128_get_boot</refname>
2018-10-02 15:25:24 +03:00
<refname > sd_id128_get_boot_app_specific</refname>
2016-08-31 00:18:46 +03:00
<refname > sd_id128_get_invocation</refname>
2015-02-04 05:14:13 +03:00
<refpurpose > Retrieve 128-bit IDs</refpurpose>
</refnamediv>
<refsynopsisdiv >
<funcsynopsis >
<funcsynopsisinfo > #include < systemd/sd-id128.h> </funcsynopsisinfo>
<funcprototype >
<funcdef > int <function > sd_id128_get_machine</function> </funcdef>
<paramdef > sd_id128_t *<parameter > ret</parameter> </paramdef>
</funcprototype>
2016-11-17 19:07:46 +03:00
<funcprototype >
<funcdef > int <function > sd_id128_get_machine_app_specific</function> </funcdef>
<paramdef > sd_id128_t <parameter > app_id</parameter> </paramdef>
<paramdef > sd_id128_t *<parameter > ret</parameter> </paramdef>
</funcprototype>
2015-02-04 05:14:13 +03:00
<funcprototype >
<funcdef > int <function > sd_id128_get_boot</function> </funcdef>
<paramdef > sd_id128_t *<parameter > ret</parameter> </paramdef>
</funcprototype>
2018-10-02 15:25:24 +03:00
<funcprototype >
<funcdef > int <function > sd_id128_get_boot_app_specific</function> </funcdef>
<paramdef > sd_id128_t <parameter > app_id</parameter> </paramdef>
<paramdef > sd_id128_t *<parameter > ret</parameter> </paramdef>
</funcprototype>
2016-08-31 00:18:46 +03:00
<funcprototype >
<funcdef > int <function > sd_id128_get_invocation</function> </funcdef>
<paramdef > sd_id128_t *<parameter > ret</parameter> </paramdef>
</funcprototype>
2015-02-04 05:14:13 +03:00
</funcsynopsis>
</refsynopsisdiv>
<refsect1 >
<title > Description</title>
2016-11-17 19:07:46 +03:00
<para > <function > sd_id128_get_machine()</function> returns the machine ID of the executing host. This reads and
parses the <citerefentry > <refentrytitle > machine-id</refentrytitle> <manvolnum > 5</manvolnum> </citerefentry>
file. This function caches the machine ID internally to make retrieving the machine ID a cheap operation. This ID
may be used wherever a unique identifier for the local system is needed. However, it is recommended to use this ID
as-is only in trusted environments. In untrusted environments it is recommended to derive an application specific
2020-04-21 21:46:53 +03:00
ID from this machine ID, in an irreversible (cryptographically secure) way. To make this easy
2016-11-17 19:07:46 +03:00
<function > sd_id128_get_machine_app_specific()</function> is provided, see below.</para>
<para > <function > sd_id128_get_machine_app_specific()</function> is similar to
<function > sd_id128_get_machine()</function> , but retrieves a machine ID that is specific to the application that is
identified by the indicated application ID. It is recommended to use this function instead of
<function > sd_id128_get_machine()</function> when passing an ID to untrusted environments, in order to make sure
2018-10-02 15:25:24 +03:00
that the original machine ID may not be determined externally. This way, the ID used by the application remains
stable on a given machine, but cannot be easily correlated with IDs used in other applications on the same
2018-08-21 17:08:48 +03:00
machine. The application-specific ID should be generated via a tool like <command > systemd-id128 new</command> ,
2018-10-02 15:25:24 +03:00
and may be compiled into the application. This function will return the same application-specific ID for each
combination of machine ID and application ID. Internally, this function calculates HMAC-SHA256 of the application
ID, keyed by the machine ID.</para>
<para > <function > sd_id128_get_boot()</function> returns the boot ID of the executing kernel. This reads and parses
the <filename > /proc/sys/kernel/random/boot_id</filename> file exposed by the kernel. It is randomly generated early
at boot and is unique for every running kernel instance. See <citerefentry
project='man-pages'><refentrytitle > random</refentrytitle> <manvolnum > 4</manvolnum> </citerefentry> for more
information. This function also internally caches the returned ID to make this call a cheap operation. It is
recommended to use this ID as-is only in trusted environments. In untrusted environments it is recommended to
derive an application specific ID using <function > sd_id128_get_machine_app_specific()</function> , see below.</para>
<para > <function > sd_id128_get_boot_app_specific()</function> is analogous to
<function > sd_id128_get_machine_app_specific()</function> but returns an ID that changes between boots. Some
machines may be used for a long time without rebooting, hence the boot ID may remain constant for a long time, and
has properties similar to the machine ID during that time.</para>
2015-02-04 05:14:13 +03:00
2016-08-31 00:18:46 +03:00
<para > <function > sd_id128_get_invocation()</function> returns the invocation ID of the currently executed
2022-12-14 08:29:25 +03:00
service. In its current implementation, this tries to read and parse the following:
<itemizedlist >
<listitem >
<para > The <varname > $INVOCATION_ID</varname> environment variable that the service manager sets when
activating a service.</para>
</listitem>
<listitem >
<para > An entry in the kernel keyring that the system service manager sets when activating a service.
</para>
</listitem>
</itemizedlist>
See <citerefentry > <refentrytitle > systemd.exec</refentrytitle> <manvolnum > 5</manvolnum> </citerefentry>
for details. The ID is cached internally. In future a different mechanism to determine the invocation ID
may be added.</para>
2016-08-31 00:18:46 +03:00
2021-05-26 17:07:55 +03:00
<para > Note that <function > sd_id128_get_machine_app_specific()</function> ,
<function > sd_id128_get_boot()</function> , <function > sd_id128_get_boot_app_specific()</function> , and
2021-06-15 18:55:17 +03:00
<function > sd_id128_get_invocation()</function> always return UUID Variant 1 Version 4 compatible IDs.
<function > sd_id128_get_machine()</function> will also return a UUID Variant 1 Version 4 compatible ID on
new installations but might not on older. It is possible to convert the machine ID non-reversibly into a
UUID Variant 1 Version 4 compatible one. For more information, see
2021-05-26 17:07:55 +03:00
<citerefentry > <refentrytitle > machine-id</refentrytitle> <manvolnum > 5</manvolnum> </citerefentry> . It is
2021-05-28 13:52:12 +03:00
hence guaranteed that these functions will never return the ID consisting of all zero or all one bits
2021-05-26 17:07:55 +03:00
(<constant > SD_ID128_NULL</constant> , <constant > SD_ID128_ALLF</constant> ) — with the possible exception of
<function > sd_id128_get_machine()</function> , as mentioned.</para>
2015-02-04 05:14:13 +03:00
<para > For more information about the <literal > sd_id128_t</literal>
type see
<citerefentry > <refentrytitle > sd-id128</refentrytitle> <manvolnum > 3</manvolnum> </citerefentry> .</para>
</refsect1>
<refsect1 >
<title > Return Value</title>
2018-05-16 14:55:12 +03:00
<para > Those calls return 0 on success (in which case <parameter > ret</parameter> is filled in),
2019-03-21 16:08:34 +03:00
or a negative errno-style error code.</para>
<refsect2 >
<title > Errors</title>
<para > Returned errors may indicate the following problems:</para>
<variablelist >
<varlistentry >
<term > <constant > -ENOENT</constant> </term>
2022-12-08 09:49:02 +03:00
<listitem > <para > Returned by <function > sd_id128_get_machine()</function> and
<function > sd_id128_get_machine_app_specific()</function> when <filename > /etc/machine-id</filename>
is missing.</para> </listitem>
2019-03-21 16:08:34 +03:00
</varlistentry>
<varlistentry >
<term > <constant > -ENOMEDIUM</constant> </term>
2022-12-08 09:49:02 +03:00
<listitem > <para > Returned by <function > sd_id128_get_machine()</function> and
<function > sd_id128_get_machine_app_specific()</function> when <filename > /etc/machine-id</filename>
2022-12-14 07:40:42 +03:00
is empty or all zeros. Also returned by <function > sd_id128_get_invocation()</function> when the
invocation ID is all zeros.</para> </listitem>
2019-03-21 16:08:34 +03:00
</varlistentry>
2022-12-08 09:43:26 +03:00
<varlistentry >
<term > <constant > -ENOPKG</constant> </term>
<listitem > <para > Returned by <function > sd_id128_get_machine()</function> and
<function > sd_id128_get_machine_app_specific()</function> when the content of
<filename > /etc/machine-id</filename> is <literal > uninitialized</literal> .</para> </listitem>
</varlistentry>
2022-12-08 09:49:02 +03:00
<varlistentry >
<term > <constant > -ENOSYS</constant> </term>
<listitem > <para > Returned by <function > sd_id128_get_boot()</function> and
<function > sd_id128_get_boot_app_specific()</function> when <filename > /proc/</filename> is not
mounted.</para> </listitem>
</varlistentry>
2019-03-21 16:08:34 +03:00
<varlistentry >
<term > <constant > -ENXIO</constant> </term>
<listitem > <para > Returned by <function > sd_id128_get_invocation()</function> if no invocation ID is
set.</para> </listitem>
</varlistentry>
<varlistentry >
2022-12-14 08:31:09 +03:00
<term > <constant > -EUCLEAN</constant> </term>
2019-03-21 16:08:34 +03:00
<listitem > <para > Returned by any of the functions described here when the configured value has
invalid format.</para> </listitem>
</varlistentry>
<varlistentry >
<term > <constant > -EPERM</constant> </term>
<listitem > <para > Requested information could not be retrieved because of insufficient permissions.
</para> </listitem>
</varlistentry>
</variablelist>
</refsect2>
2015-02-04 05:14:13 +03:00
</refsect1>
2018-06-06 12:59:04 +03:00
<xi:include href= "libsystemd-pkgconfig.xml" />
2015-02-04 05:14:13 +03:00
2016-11-17 19:07:46 +03:00
<refsect1 >
<title > Examples</title>
<example >
<title > Application-specific machine ID</title>
2018-08-21 17:25:21 +03:00
<para > First, generate the application ID:</para>
<programlisting > $ systemd-id128 -p new
As string:
c273277323db454ea63bb96e79b53e97
As UUID:
c2732773-23db-454e-a63b-b96e79b53e97
As man:sd-id128(3) macro:
#define MESSAGE_XYZ SD_ID128_MAKE(c2,73,27,73,23,db,45,4e,a6,3b,b9,6e,79,b5,3e,97)
...
</programlisting>
<para > Then use the new identifier in an example application:</para>
2016-11-17 19:07:46 +03:00
2018-07-27 09:24:45 +03:00
<programlisting > <xi:include href= "id128-app-specific.c" parse= "text" /> </programlisting>
2016-11-17 19:07:46 +03:00
</example>
</refsect1>
2015-02-04 05:14:13 +03:00
<refsect1 >
<title > See Also</title>
<para >
<citerefentry > <refentrytitle > systemd</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry> ,
2018-08-21 17:08:48 +03:00
<citerefentry > <refentrytitle > systemd-id128</refentrytitle> <manvolnum > 1</manvolnum> </citerefentry> ,
2015-02-04 05:14:13 +03:00
<citerefentry > <refentrytitle > sd-id128</refentrytitle> <manvolnum > 3</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > machine-id</refentrytitle> <manvolnum > 5</manvolnum> </citerefentry> ,
2016-08-31 00:18:46 +03:00
<citerefentry > <refentrytitle > systemd.exec</refentrytitle> <manvolnum > 5</manvolnum> </citerefentry> ,
<citerefentry > <refentrytitle > sd_id128_randomize</refentrytitle> <manvolnum > 3</manvolnum> </citerefentry> ,
<citerefentry project= 'man-pages' > <refentrytitle > random</refentrytitle> <manvolnum > 4</manvolnum> </citerefentry>
2015-02-04 05:14:13 +03:00
</para>
</refsect1>
2012-07-14 00:55:52 +04:00
</refentry>