_public_ int sd_bus_query_sender_creds(sd_bus_message *call, uint64_t mask, sd_bus_creds **creds) { sd_bus_creds *c; assert_return(call, -EINVAL); assert_return(call->sealed, -EPERM); assert_return(call->bus, -EINVAL); assert_return(!bus_pid_changed(call->bus), -ECHILD); if (!BUS_IS_OPEN(call->bus->state)) return -ENOTCONN; c = sd_bus_message_get_creds(call); /* All data we need? */ if (c && (mask & ~c->mask) == 0) { *creds = sd_bus_creds_ref(c); return 0; } /* No data passed? Or not enough data passed to retrieve the missing bits? */ if (!c || !(c->mask & SD_BUS_CREDS_PID)) { /* We couldn't read anything from the call, let's try * to get it from the sender or peer. */ if (call->sender) /* There's a sender, but the creds are * missing. This means we are talking via * dbus1, or are getting a message that was * sent to us via kdbus, but was converted * from a dbus1 message by the bus-proxy and * thus also lacks the creds. */ return sd_bus_get_name_creds(call->bus, call->sender, mask, creds); else /* There's no sender, hence we are on a dbus1 * direct connection. For direct connections * the credentials of the AF_UNIX peer matter, * which may be queried via * sd_bus_get_owner_creds(). */ return sd_bus_get_owner_creds(call->bus, mask, creds); } return bus_creds_extend_by_pid(c, mask, creds); }
static int rename_service(sd_bus *a, sd_bus *b) { _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL; _cleanup_free_ char *p = NULL, *name = NULL; const char *comm; char **cmdline; uid_t uid; pid_t pid; int r; assert(a); assert(b); r = sd_bus_get_owner_creds(b, SD_BUS_CREDS_EUID|SD_BUS_CREDS_PID|SD_BUS_CREDS_CMDLINE|SD_BUS_CREDS_COMM|SD_BUS_CREDS_AUGMENT, &creds); if (r < 0) return r; r = sd_bus_creds_get_euid(creds, &uid); if (r < 0) return r; r = sd_bus_creds_get_pid(creds, &pid); if (r < 0) return r; r = sd_bus_creds_get_cmdline(creds, &cmdline); if (r < 0) return r; r = sd_bus_creds_get_comm(creds, &comm); if (r < 0) return r; name = uid_to_name(uid); if (!name) return -ENOMEM; p = strv_join(cmdline, " "); if (!p) return -ENOMEM; /* The status string gets the full command line ... */ sd_notifyf(false, "STATUS=Processing requests from client PID "PID_FMT" (%s); UID "UID_FMT" (%s)", pid, p, uid, name); /* ... and the argv line only the short comm */ if (arg_command_line_buffer) { size_t m, w; m = strlen(arg_command_line_buffer); w = snprintf(arg_command_line_buffer, m, "[PID "PID_FMT"/%s; UID "UID_FMT"/%s]", pid, comm, uid, name); if (m > w) memzero(arg_command_line_buffer + w, m - w); } log_debug("Running on behalf of PID "PID_FMT" (%s), UID "UID_FMT" (%s), %s", pid, p, uid, name, a->unique_name); return 0; }