bus-creds.c revision 50c4521675e94ade38b8af9e3b0f7fd2f300b6f4
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen/*-*- Mode: C; c-basic-offset: 8; indent-tabs-mode: nil -*-*/
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen This file is part of systemd.
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen Copyright 2013 Lennart Poettering
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen systemd is free software; you can redistribute it and/or modify it
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen under the terms of the GNU Lesser General Public License as published by
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen the Free Software Foundation; either version 2.1 of the License, or
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen (at your option) any later version.
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen systemd is distributed in the hope that it will be useful, but
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen WITHOUT ANY WARRANTY; without even the implied warranty of
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen Lesser General Public License for more details.
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen You should have received a copy of the GNU Lesser General Public License
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen along with systemd; If not, see <http://www.gnu.org/licenses/>.
a501033335ed402c8f7e86fe41a15531ba69abd7Tom Gundersen /* For internal bus cred structures that are allocated by
43b3a5ef61859f06cdbaf26765cab8e1adac4296Tom Gundersen * something else */
5b9d4dc05560ddda89e48b6b39365824b15e1300Tom Gundersen free(c->well_known_names); /* note that this is an strv, but
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen * we only free the array, not the
5b9d4dc05560ddda89e48b6b39365824b15e1300Tom Gundersen * strings the array points to. The
a501033335ed402c8f7e86fe41a15531ba69abd7Tom Gundersen * full strv we only free if
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen * c->allocated is set, see
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen_public_ sd_bus_creds *sd_bus_creds_ref(sd_bus_creds *c) {
43b3a5ef61859f06cdbaf26765cab8e1adac4296Tom Gundersen /* If this is an embedded creds structure, then
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen * forward ref counting to the message */
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen_public_ sd_bus_creds *sd_bus_creds_unref(sd_bus_creds *c) {
5b9d4dc05560ddda89e48b6b39365824b15e1300Tom Gundersen if (c->n_ref == 0) {
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen_public_ uint64_t sd_bus_creds_get_mask(const sd_bus_creds *c) {
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen_public_ int sd_bus_creds_new_from_pid(sd_bus_creds **ret, pid_t pid, uint64_t mask) {
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen assert_return(mask <= _SD_BUS_CREDS_ALL, -ENOTSUP);
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen r = bus_creds_add_more(c, mask | SD_BUS_CREDS_AUGMENT, pid, 0);
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen /* Check if the process existed at all, in case we haven't
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen * figured that out already */
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen_public_ int sd_bus_creds_get_uid(sd_bus_creds *c, uid_t *uid) {
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen_public_ int sd_bus_creds_get_euid(sd_bus_creds *c, uid_t *euid) {
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen_public_ int sd_bus_creds_get_suid(sd_bus_creds *c, uid_t *suid) {
5fde13d748749f0e06e2e6cdd15f0980a79ea82cTom Gundersen_public_ int sd_bus_creds_get_fsuid(sd_bus_creds *c, uid_t *fsuid) {
5fde13d748749f0e06e2e6cdd15f0980a79ea82cTom Gundersen_public_ int sd_bus_creds_get_gid(sd_bus_creds *c, gid_t *gid) {
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen_public_ int sd_bus_creds_get_egid(sd_bus_creds *c, gid_t *egid) {
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen_public_ int sd_bus_creds_get_sgid(sd_bus_creds *c, gid_t *sgid) {
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen_public_ int sd_bus_creds_get_fsgid(sd_bus_creds *c, gid_t *fsgid) {
43b3a5ef61859f06cdbaf26765cab8e1adac4296Tom Gundersen_public_ int sd_bus_creds_get_supplementary_gids(sd_bus_creds *c, const gid_t **gids) {
43b3a5ef61859f06cdbaf26765cab8e1adac4296Tom Gundersen if (!(c->mask & SD_BUS_CREDS_SUPPLEMENTARY_GIDS))
43b3a5ef61859f06cdbaf26765cab8e1adac4296Tom Gundersen_public_ int sd_bus_creds_get_pid(sd_bus_creds *c, pid_t *pid) {
43b3a5ef61859f06cdbaf26765cab8e1adac4296Tom Gundersen_public_ int sd_bus_creds_get_tid(sd_bus_creds *c, pid_t *tid) {
43b3a5ef61859f06cdbaf26765cab8e1adac4296Tom Gundersen_public_ int sd_bus_creds_get_pid_starttime(sd_bus_creds *c, uint64_t *usec) {
daeb71a36a98834664e4d95773a3629b746f4db8Tom Gundersen_public_ int sd_bus_creds_get_selinux_context(sd_bus_creds *c, const char **ret) {
daeb71a36a98834664e4d95773a3629b746f4db8Tom Gundersen if (!(c->mask & SD_BUS_CREDS_SELINUX_CONTEXT))
daeb71a36a98834664e4d95773a3629b746f4db8Tom Gundersen_public_ int sd_bus_creds_get_comm(sd_bus_creds *c, const char **ret) {
f1ac700248f231b7bdac2aafe8c35650efddb89fTom Gundersen_public_ int sd_bus_creds_get_tid_comm(sd_bus_creds *c, const char **ret) {
16b9b87aeee9353b5b8dae6089a69752422a5b09Tom Gundersen_public_ int sd_bus_creds_get_exe(sd_bus_creds *c, const char **ret) {
16b9b87aeee9353b5b8dae6089a69752422a5b09Tom Gundersen_public_ int sd_bus_creds_get_cgroup(sd_bus_creds *c, const char **ret) {
16b9b87aeee9353b5b8dae6089a69752422a5b09Tom Gundersen_public_ int sd_bus_creds_get_unit(sd_bus_creds *c, const char **ret) {
16b9b87aeee9353b5b8dae6089a69752422a5b09Tom Gundersen r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted);
16b9b87aeee9353b5b8dae6089a69752422a5b09Tom Gundersen r = cg_path_get_unit(shifted, (char**) &c->unit);
16b9b87aeee9353b5b8dae6089a69752422a5b09Tom Gundersen_public_ int sd_bus_creds_get_user_unit(sd_bus_creds *c, const char **ret) {
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted);
af6f0d422c521374ee6a2dd92df5935a5a476ae5Tom Gundersen r = cg_path_get_user_unit(shifted, (char**) &c->user_unit);
a501033335ed402c8f7e86fe41a15531ba69abd7Tom Gundersen_public_ int sd_bus_creds_get_slice(sd_bus_creds *c, const char **ret) {
43b3a5ef61859f06cdbaf26765cab8e1adac4296Tom Gundersen r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted);
5fde13d748749f0e06e2e6cdd15f0980a79ea82cTom Gundersen r = cg_path_get_slice(shifted, (char**) &c->slice);
daeb71a36a98834664e4d95773a3629b746f4db8Tom Gundersen_public_ int sd_bus_creds_get_session(sd_bus_creds *c, const char **ret) {
5fde13d748749f0e06e2e6cdd15f0980a79ea82cTom Gundersen r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted);
5fde13d748749f0e06e2e6cdd15f0980a79ea82cTom Gundersen r = cg_path_get_session(shifted, (char**) &c->session);
16b9b87aeee9353b5b8dae6089a69752422a5b09Tom Gundersen_public_ int sd_bus_creds_get_owner_uid(sd_bus_creds *c, uid_t *uid) {
43b3a5ef61859f06cdbaf26765cab8e1adac4296Tom Gundersen r = cg_shift_path(c->cgroup, c->cgroup_root, &shifted);
return -ENODATA;
if (!c->cmdline_array) {
if (!c->cmdline_array)
return -ENOMEM;
return -ENODATA;
return -ENODATA;
return -ENODATA;
return -ENODATA;
return -ENODATA;
if (!c->unescaped_description) {
if (!c->unescaped_description)
return -ENOMEM;
assert(c);
return -ENODATA;
return -ENODATA;
return -ENODATA;
return -ENODATA;
assert(c);
assert(p);
return -EINVAL;
if (!c->capability) {
if (!c->capability)
return -ENOMEM;
for (i = 0; i < sz; i ++) {
return -EINVAL;
assert(c);
if (missing == 0)
if (pid <= 0)
if (pid > 0) {
if (tid > 0) {
return -ESRCH;
return -errno;
return -EIO;
return -EIO;
return -EIO;
return -ENOMEM;
unsigned long long st;
if (r == -ENOENT)
return -ESRCH;
if (c->cmdline_size == 0) {
return -ENOMEM;
if (r == -ENOENT)
return -ESRCH;
if (missing & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID)) {
c->mask |= missing & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_OWNER_UID);
assert(c);
n = bus_creds_new();
return -ENOMEM;
if (!n->supplementary_gids)
return -ENOMEM;
if (!n->comm)
return -ENOMEM;
if (!n->tid_comm)
return -ENOMEM;
if (!n->exe)
return -ENOMEM;
if (!n->cmdline)
return -ENOMEM;
if (c->mask & mask & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_OWNER_UID)) {
if (!n->cgroup)
return -ENOMEM;
if (!n->cgroup_root)
return -ENOMEM;
n->mask |= mask & (SD_BUS_CREDS_CGROUP|SD_BUS_CREDS_SESSION|SD_BUS_CREDS_UNIT|SD_BUS_CREDS_USER_UNIT|SD_BUS_CREDS_SLICE|SD_BUS_CREDS_OWNER_UID);
if (c->mask & mask & (SD_BUS_CREDS_EFFECTIVE_CAPS|SD_BUS_CREDS_PERMITTED_CAPS|SD_BUS_CREDS_INHERITABLE_CAPS|SD_BUS_CREDS_BOUNDING_CAPS)) {
if (!n->capability)
return -ENOMEM;
n->mask |= c->mask & mask & (SD_BUS_CREDS_EFFECTIVE_CAPS|SD_BUS_CREDS_PERMITTED_CAPS|SD_BUS_CREDS_INHERITABLE_CAPS|SD_BUS_CREDS_BOUNDING_CAPS);
if (!n->label)
return -ENOMEM;
if (!n->unique_name)
return -ENOMEM;
if (!n->well_known_names)
return -ENOMEM;
if (!n->description)
return -ENOMEM;
*ret = n;
n = NULL;