NAME

nbdkit_peer_name, nbdkit_peer_pid, nbdkit_peer_uid, nbdkit_peer_gid, nbdkit_peer_security_context - get client address and information for nbdkit

SYNOPSIS

 #include <nbdkit-plugin.h>

 int nbdkit_peer_name (struct sockaddr *addr, socklen_t *addrlen);
 int64_t nbdkit_peer_pid (void);
 int64_t nbdkit_peer_uid (void);
 int64_t nbdkit_peer_gid (void);
 char *nbdkit_peer_security_context (void);

DESCRIPTION

nbdkit_peer_name

Return the peer (client) address, if available. The addr and addrlen parameters behave like getpeername(2). In particular you must initialize addrlen with the size of the buffer pointed to by addr, and if addr is not large enough then the address will be truncated.

In some cases this is not available or the address returned will be meaningless (eg. if there is a proxy between the client and nbdkit). This call uses thread-local magic so no parameter is required to specify the current connection.

nbdkit_peer_pid

(nbdkit ≥ 1.24, Linux only)

Return the peer process ID. This is only available when the client connected over a Unix domain socket.

nbdkit_peer_uid

(nbdkit ≥ 1.24)

Return the peer user ID. This is only available when the client connected over a Unix domain socket.

nbdkit_peer_gid

(nbdkit ≥ 1.24)

Return the peer group ID. This is only available when the client connected over a Unix domain socket.

nbdkit_peer_security_context

(nbdkit ≥ 1.36, not Windows)

Return the peer security context (usually the SELinux label, IPSEC label or NetLabel). See the description of SO_PEERSEC in unix(7) and ip(7).

RETURN VALUE

All functions except nbdkit_peer_security_context return 0 on success. If there is an error they call nbdkit_error(3) and return -1.

nbdkit_peer_security_context returns a security context as a string on success. The caller must free this string. On error (which can include missing label or unsupported protocol), nbdkit_error(3) is called and this call returns NULL.

LANGUAGE BINDINGS

In nbdkit-ocaml-plugin(3):

 NBDKit.peer_name : unit -> Unix.sockaddr
 NBDKit.peer_pid : unit -> int64
 NBDKit.peer_uid : unit -> int64
 NBDKit.peer_gid : unit -> int64
 NBDKit.peer_security_context : unit -> string

In nbdkit-python-plugin(3):

 import nbdkit
 pid = nbdkit.peer_pid()
 uid = nbdkit.peer_uid()
 gid = nbdkit.peer_gid()
 security_context = nbdkit.peer_security_context()

In nbdkit-rust-plugin(3):

 use nbdkit::*;
 pub fn peername<T: SockaddrLike>() ->
         std::result::Result<T, Box<dyn error::Error>>

HISTORY

nbdkit_peer_name was added in nbdkit 1.16.

nbdkit_peer_pid, nbdkit_peer_uid and nbdkit_peer_gid were added in nbdkit 1.24.

nbdkit_peer_security_context was added in nbdkit 1.36.

SEE ALSO

nbdkit(1), nbdkit-plugin(3), nbdkit-filter(3), nbdkit-ip-filter(1), getpeername(2), unix(7), ip(7).

AUTHORS

Richard W.M. Jones

COPYRIGHT

Copyright Red Hat

LICENSE

Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:

THIS SOFTWARE IS PROVIDED BY RED HAT AND CONTRIBUTORS ''AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL RED HAT OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.