1.\" $NetBSD: execve.2,v 1.24 2002/08/11 10:28:23 yamt Exp $ 2.\" 3.\" Copyright (c) 1980, 1991, 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. All advertising materials mentioning features or use of this software 15.\" must display the following acknowledgement: 16.\" This product includes software developed by the University of 17.\" California, Berkeley and its contributors. 18.\" 4. Neither the name of the University nor the names of its contributors 19.\" may be used to endorse or promote products derived from this software 20.\" without specific prior written permission. 21.\" 22.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 23.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 24.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 25.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 26.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 27.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 28.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 29.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 30.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 31.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 32.\" SUCH DAMAGE. 33.\" 34.\" @(#)execve.2 8.5 (Berkeley) 6/1/94 35.\" 36.Dd August 11, 2002 37.Dt EXECVE 2 38.Os 39.Sh NAME 40.Nm execve 41.Nd execute a file 42.Sh LIBRARY 43.Lb libc 44.Sh SYNOPSIS 45.Fd #include \*[Lt]unistd.h\*[Gt] 46.Ft int 47.Fn execve "const char *path" "char *const argv[]" "char *const envp[]" 48.Sh DESCRIPTION 49.Fn execve 50transforms the calling process into a new process. 51The new process is constructed from an ordinary file, 52whose name is pointed to by 53.Fa path , 54called the 55.Em new process file . 56This file is either an executable object file, 57or a file of data for an interpreter. 58An executable object file consists of an identifying header, 59followed by pages of data representing the initial program (text) 60and initialized data pages. Additional pages may be specified 61by the header to be initialized with zero data; see 62.Xr a.out 5 . 63.Pp 64An interpreter file begins with a line of the form: 65.Pp 66.Bd -filled -offset indent -compact 67.Sy \&#! 68.Em interpreter 69.Bq Em arg 70.Ed 71.Pp 72When an interpreter file is 73.\" was .Fn execve Ap d , 74\fBexecve\fP'd, 75the system 76.\" was .Fn execve Ap s 77\fBexecve\fP's 78runs the specified 79.Em interpreter . 80If the optional 81.Em arg 82is specified, it becomes the first argument to the 83.Em interpreter , 84and the name of the originally 85.\" was .Fn execve Ap d 86\fBexecve\fP'd 87file becomes the second argument; 88otherwise, the name of the originally 89.\" was .Fn execve Ap d 90\fBexecve\fP'd 91file becomes the first argument. The original arguments are shifted over to 92become the subsequent arguments. The zeroth argument, normally the name of the 93.\" was .Fn execve Ap d 94\fBexecve\fP'd 95file, is left unchanged. 96The interpreter named by 97.Em interpreter 98must not itself be an interpreter file. 99.Pp 100The argument 101.Fa argv 102is a pointer to a null-terminated array of 103character pointers to null-terminated character strings. 104These strings construct the argument list to be made available to the new 105process. At least one argument must be present in 106the array; by custom, the first element should be 107the name of the executed program (for example, the last component of 108.Fa path ) . 109.Pp 110The argument 111.Fa envp 112is also a pointer to a null-terminated array of 113character pointers to null-terminated strings. 114A pointer to this array is normally stored in the global variable 115.Va environ . 116These strings pass information to the 117new process that is not directly an argument to the command (see 118.Xr environ 7 ) . 119.Pp 120File descriptors open in the calling process image remain open in 121the new process image, except for those for which the close-on-exec 122flag is set (see 123.Xr close 2 124and 125.Xr fcntl 2 ) . 126Descriptors that remain open are unaffected by 127.Fn execve . 128.Pp 129In the case of a new setuid or setgid executable being executed, if 130file descriptors 0, 1, or 2 (representing stdin, stdout, and stderr) 131are currently unallocated, these descriptors will be opened to point to 132some system file like 133.Pa /dev/null . 134The intent is to ensure these descriptors are not unallocated, since 135many libraries make assumptions about the use of these 3 file descriptors. 136.Pp 137Signals set to be ignored in the calling process are set to be ignored in 138the 139new process. Signals which are set to be caught in the calling process image 140are set to default action in the new process image. 141Blocked signals remain blocked regardless of changes to the signal action. 142The signal stack is reset to be undefined (see 143.Xr sigaction 2 144for more information). 145.Pp 146If the set-user-ID mode bit of the new process image file is set 147(see 148.Xr chmod 2 ) , 149the effective user ID of the new process image is set to the owner ID 150of the new process image file. 151If the set-group-ID mode bit of the new process image file is set, 152the effective group ID of the new process image is set to the group ID 153of the new process image file. 154(The effective group ID is the first element of the group list.) 155The real user ID, real group ID and 156other group IDs of the new process image remain the same as the calling 157process image. 158After any set-user-ID and set-group-ID processing, 159the effective user ID is recorded as the saved set-user-ID, 160and the effective group ID is recorded as the saved set-group-ID. 161These values may be used in changing the effective IDs later (see 162.Xr setuid 2 ) . 163.ne 1i 164.Pp 165The new process also inherits the following attributes from 166the calling process: 167.Pp 168.Bl -column parent_process_ID -offset indent -compact 169.It process ID Ta see Xr getpid 2 170.It parent process ID Ta see Xr getppid 2 171.It process group ID Ta see Xr getpgrp 2 172.It access groups Ta see Xr getgroups 2 173.It working directory Ta see Xr chdir 2 174.It root directory Ta see Xr chroot 2 175.It control terminal Ta see Xr termios 4 176.It resource usages Ta see Xr getrusage 2 177.It interval timers Ta see Xr getitimer 2 178.It resource limits Ta see Xr getrlimit 2 179.It file mode mask Ta see Xr umask 2 180.It signal mask Ta see Xr sigaction 2 , 181.Xr sigprocmask 2 182.El 183.Pp 184When a program is executed as a result of an 185.Fn execve 186call, it is entered as follows: 187.Bd -literal -offset indent 188main(argc, argv, envp) 189int argc; 190char **argv, **envp; 191.Ed 192.Pp 193where 194.Fa argc 195is the number of elements in 196.Fa argv 197(the 198.Dq arg count ) 199and 200.Fa argv 201points to the array of character pointers 202to the arguments themselves. 203.Sh RETURN VALUES 204As the 205.Fn execve 206function overlays the current process image 207with a new process image the successful call 208has no process to return to. 209If 210.Fn execve 211does return to the calling process an error has occurred; the 212return value will be -1 and the global variable 213.Va errno 214is set to indicate the error. 215.Sh ERRORS 216.Fn execve 217will fail and return to the calling process if: 218.Bl -tag -width Er 219.It Bq Er ENOTDIR 220A component of the path prefix is not a directory. 221.It Bq Er ENAMETOOLONG 222A component of a pathname exceeded 223.Dv {NAME_MAX} 224characters, or an entire path name exceeded 225.Dv {PATH_MAX} 226characters. 227.It Bq Er ENOENT 228The new process file does not exist. 229.It Bq Er ELOOP 230Too many symbolic links were encountered in translating the pathname. 231.It Bq Er EACCES 232Search permission is denied for a component of the path prefix, 233the new process file is not an ordinary file, 234it's file mode denies execute permission, or 235it is on a filesystem mounted with execution 236disabled 237.Pf ( Dv MNT_NOEXEC 238in 239.Ao Pa sys/mount.h Ac ) . 240.It Bq Er ENOEXEC 241The new process file has the appropriate access 242permission, but has an invalid magic number in its header. 243.It Bq Er ETXTBSY 244The new process file is a pure procedure (shared text) 245file that is currently open for writing or reading by some process. 246.ne 1i 247.It Bq Er ENOMEM 248The new process requires more virtual memory than 249is allowed by the imposed maximum 250.Pq Xr getrlimit 2 . 251.It Bq Er E2BIG 252The number of bytes in the new process's argument list 253is larger than the system-imposed limit. 254The limit in the system as released is 262144 bytes 255.Pf ( Dv NCARGS 256in 257.Ao Pa sys/param.h Ac ) . 258.It Bq Er EFAULT 259The new process file is not as long as indicated by 260the size values in its header. 261.It Bq Er EFAULT 262.Fa path , 263.Fa argv , 264or 265.Fa envp 266point 267to an illegal address. 268.It Bq Er EIO 269An I/O error occurred while reading from the file system. 270.El 271.Sh SEE ALSO 272.Xr _exit 2 , 273.Xr fork 2 , 274.Xr execl 3 , 275.Xr environ 7 276.Sh STANDARDS 277The 278.Fn execve 279function conforms to 280.St -p1003.1-90 . 281.Sh HISTORY 282The 283.Fn execve 284function call appeared in 285.Bx 4.2 . 286.Sh BUGS 287If a program is 288.Em setuid 289to a non-super-user, but is executed when 290the real 291.Em uid 292is 293.Dq root , 294then the program has some of the powers of a super-user as well. 295