Man Pages (3), (3C), (3K), (3N), (3R), (3X), (3X11TSOL): Library Functions

getpeerinfo(3)

NAME

getpeerinfo- Get peer's process characteristics.

SYNOPSIS

cc

flag

file

-lbsm

-lsocket

-lnsl

-lintl

library

#include <bsm/audit.h>

fd

grpinfo

peerinfo

DESCRIPTION

Returns the peer process' audit attributes for the peer designated by the socket or TLI file descriptor fd. If grpinfo or peerinfo is NULL, then the corresponding information is not obtained.

The au_peergroupinfo structure has the following form:

struct peergroupinfo {
  ulong_t   peer_ngroups                 /* number of elements obtained */
  gid_t     peer_groups[NGROUPS_UMAX];   /* peer's supplemental groups */
};

The remaining attributes are returned in peerinfo which is of type struct au_peermiscinfo and has been allocated by the calling process. The au_peermiscinfo structure has the following form:

struct au_peermiscinfo{
  uid_t		peer_ruid;	        /* peer's real user id */
gid_t		peer_rgid;	        /* peer's real group id */
auditinfo_t	peer_audit;             /* peer's audit characteristic's */
};

where auditinfo_t is of type struct auditinfo which has the following form:

struct auditinfo{
  au_id_t		ai_auid;	    /* audit ID */
  au_mask_t	ai_mask;	    /* preselection mask */
  au_tid_t		ai_termid;	    /* audit terminal ID */
  au_asid_t	ai_asid;            /* audit session ID */
};

getpeerinfo() requires that either the PRIV_PROC_AUDIT_TCB or PRIV_PROC_AUDIT_APPL privilege be asserted in a process' effective set in order to get the peerinfo attributes from its peer. No privileges are required to obtain just grpinfo.

RETURN VALUES

getpeerinfo() returns 0 on success. On failure it returns a negative value and sets errno to indicate the error.

ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPE	ATTRIBUTE VALUE
Availability	SUNWcsl
MT-Level	MT-Safe

ERRORS

EBADF: fd is not a valid descriptor.
ENOTSOCK: fd is not a socket or TLI interface.
ENOBUFS: Insufficient resources were available in the system to perform the operation.
EADDRNOTAVAIL: Could not establish connection with server.
EINVAL: There was an internal error in which fd pointed to a peer process that was not recognized by its host.
ENOENT: No such port currently active on the peer.
EOPNOTSUPP: Type not SOCK_DGRAM or SOCK_STREAM, or either the local peer socket or TLI descriptor is not AF_INET.
EPERM: The caller does not have the proper privileges.

NOTES

Available only on Trusted Solaris systems with the auditing module enabled. The auditing module is enabled by default in the Trusted Solaris environment.

SunOS 5.7 Reference Manual

attributes(5)

Trusted Solaris 7 Last Revised 05 May 1998