1 .\" Copyright (c) 1980, 1991, 1993
2 .\" The Regents of the University of California. All rights reserved.
4 .\" Redistribution and use in source and binary forms, with or without
5 .\" modification, are permitted provided that the following conditions
7 .\" 1. Redistributions of source code must retain the above copyright
8 .\" notice, this list of conditions and the following disclaimer.
9 .\" 2. Redistributions in binary form must reproduce the above copyright
10 .\" notice, this list of conditions and the following disclaimer in the
11 .\" documentation and/or other materials provided with the distribution.
12 .\" 3. Neither the name of the University nor the names of its contributors
13 .\" may be used to endorse or promote products derived from this software
14 .\" without specific prior written permission.
16 .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
17 .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
20 .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 .\" @(#)execve.2 8.5 (Berkeley) 6/1/94
42 .Fn execve "const char *path" "char *const argv[]" "char *const envp[]"
44 .Fn fexecve "int fd" "char *const argv[]" "char *const envp[]"
49 transforms the calling process into a new process.
50 The new process is constructed from an ordinary file,
51 whose name is pointed to by
54 .Em new process file .
57 system call is equivalent to
59 except that the file to be executed is determined by the file
64 This file is either an executable object file,
65 or a file of data for an interpreter.
66 An executable object file consists of an identifying header,
67 followed by pages of data representing the initial program (text)
68 and initialized data pages.
69 Additional pages may be specified
70 by the header to be initialized with zero data; see
75 An interpreter file begins with a line of the form:
77 .Bd -ragged -offset indent -compact
83 When an interpreter file is
91 is specified, it becomes the first argument to the
93 and the name of the originally
95 file becomes the second argument;
96 otherwise, the name of the originally
98 file becomes the first argument.
99 The original arguments are shifted over to
100 become the subsequent arguments.
101 The zeroth argument is set to the specified
106 is a pointer to a null-terminated array of
107 character pointers to null-terminated character strings.
108 These strings construct the argument list to be made available to the new
110 At least one argument must be present in
111 the array; by custom, the first element should be
112 the name of the executed program (for example, the last component of
117 is also a pointer to a null-terminated array of
118 character pointers to null-terminated strings.
119 A pointer to this array is normally stored in the global variable
121 These strings pass information to the
122 new process that is not directly an argument to the command (see
125 File descriptors open in the calling process image remain open in
126 the new process image, except for those for which the close-on-exec
131 Descriptors that remain open are unaffected by
133 If any of the standard descriptors (0, 1, and/or 2) are closed at the
136 is called, and the process will gain privilege as a result of set-id
137 semantics, those descriptors will be re-opened automatically.
138 No programs, whether privileged or not, should assume that these descriptors
139 will remain closed across a call to
142 Signals set to be ignored in the calling process are set to be ignored in
145 Signals which are set to be caught in the calling process image
146 are set to default action in the new process image.
147 Blocked signals remain blocked regardless of changes to the signal action.
148 The signal stack is reset to be undefined (see
150 for more information).
152 If the set-user-ID mode bit of the new process image file is set
155 the effective user ID of the new process image is set to the owner ID
156 of the new process image file.
157 If the set-group-ID mode bit of the new process image file is set,
158 the effective group ID of the new process image is set to the group ID
159 of the new process image file.
160 (The effective group ID is the first element of the group list.)
161 The real user ID, real group ID and
162 other group IDs of the new process image remain the same as the calling
164 After any set-user-ID and set-group-ID processing,
165 the effective user ID is recorded as the saved set-user-ID,
166 and the effective group ID is recorded as the saved set-group-ID.
167 These values may be used in changing the effective IDs later (see
170 The set-ID bits are not honored if the respective file system has the
172 option enabled or if the new process file is an interpreter file.
174 tracing is disabled if effective IDs are changed.
176 The new process also inherits the following attributes from
179 .Bl -column parent_process_ID -offset indent -compact
180 .It process ID Ta see Xr getpid 2
181 .It parent process ID Ta see Xr getppid 2
182 .It process group ID Ta see Xr getpgrp 2
183 .It access groups Ta see Xr getgroups 2
184 .It working directory Ta see Xr chdir 2
185 .It root directory Ta see Xr chroot 2
186 .It control terminal Ta see Xr termios 4
187 .It resource usages Ta see Xr getrusage 2
188 .It interval timers Ta see Xr getitimer 2
189 .It resource limits Ta see Xr getrlimit 2
190 .It file mode mask Ta see Xr umask 2
191 .It signal mask Ta see Xr sigaction 2 ,
195 When a program is executed as a result of an
197 system call, it is entered as follows:
198 .Bd -literal -offset indent
199 main(argc, argv, envp)
206 is the number of elements in
211 points to the array of character pointers
212 to the arguments themselves.
216 ignores the file offset of
218 Since execute permission is checked by
222 need not have been opened with the
225 However, if the file to be executed denies read permission for the process
226 preparing to do the exec, the only way to provide the
234 Note that the file to be executed can not be open for writing.
238 system call overlays the current process image
239 with a new process image the successful call
240 has no process to return to.
243 does return to the calling process an error has occurred; the
244 return value will be -1 and the global variable
246 is set to indicate the error.
251 will fail and return to the calling process if:
254 A component of the path prefix is not a directory.
255 .It Bq Er ENAMETOOLONG
256 A component of a pathname exceeded 255 characters,
257 or an entire path name exceeded 1023 characters.
259 When invoking an interpreted script, the length of the first line,
262 prefix and terminating newline, exceeds
266 The new process file does not exist.
268 Too many symbolic links were encountered in translating the pathname.
270 Search permission is denied for a component of the path prefix.
272 The new process file is not an ordinary file.
274 The new process file mode denies execute permission.
277 did not contain at least one element.
279 The new process file has the appropriate access
280 permission, but has an invalid magic number in its header.
282 The new process file is a pure procedure (shared text)
283 file that is currently open for writing by some process.
285 The new process requires more virtual memory than
286 is allowed by the imposed maximum
289 The number of bytes in the new process' argument list
290 is larger than the system-imposed limit.
291 This limit is specified by the
296 The new process file is not as long as indicated by
297 the size values in its header.
306 to an illegal address.
308 An I/O error occurred while reading from the file system.
310 Corrupted data was detected while reading from the file system.
315 will fail and return to the calling process if:
320 argument is not a valid file descriptor open for executing.
338 system call conforms to
340 with the exception of reopening descriptors 0, 1, and/or 2 in certain
342 A future update of the Standard is expected to require this behavior,
343 and it may become the default for non-privileged processes as well.
344 .\" NB: update this caveat when TC1 is blessed.
345 The support for executing interpreted programs is an extension.
348 system call conforms to The Open Group Extended API Set 2 specification.
352 system call appeared in
356 system call appeared in
361 to a non-super-user, but is executed when
364 is ``root'', then the program has some of the powers
365 of a super-user as well.
367 When executing an interpreted program through
371 as a second argument to the interpreter,
374 is the file descriptor passed in the
378 For this construction to work correctly, the
380 filesystem shall be mounted on