prctl man page on Scientific

Man page or keyword search:  
man Server   26626 pages
apropos Keyword Search (all sections)
Output format
Scientific logo
[printable version]

PRCTL(2)		   Linux Programmer's Manual		      PRCTL(2)

NAME
       prctl - operations on a process

SYNOPSIS
       #include <sys/prctl.h>

       int prctl(int option, unsigned long arg2, unsigned long arg3,
		 unsigned long arg4, unsigned long arg5);

DESCRIPTION
       prctl()	is  called  with  a first argument describing what to do (with
       values defined in <linux/prctl.h>), and further arguments with  a  sig‐
       nificance depending on the first one.  The first argument can be:

       PR_CAPBSET_READ (since Linux 2.6.25)
	      Return (as the function result) 1 if the capability specified in
	      arg2 is in the calling thread's capability bounding set, or 0 if
	      it   is	not.	(The   capability  constants  are  defined  in
	      <linux/capability.h>.)  The  capability  bounding	 set  dictates
	      whether  the process can receive the capability through a file's
	      permitted capability set on a subsequent call to execve(2).

	      If the capability specified in arg2 is not valid, then the  call
	      fails with the error EINVAL.

       PR_CAPBSET_DROP (since Linux 2.6.25)
	      If  the calling thread has the CAP_SETPCAP capability, then drop
	      the capability specified by arg2 from the calling thread's capa‐
	      bility  bounding	set.   Any children of the calling thread will
	      inherit the newly reduced bounding set.

	      The call fails with the error: EPERM if the calling thread  does
	      not  have	 the  CAP_SETPCAP; EINVAL if arg2 does not represent a
	      valid capability; or EINVAL if file capabilities are not enabled
	      in the kernel, in which case bounding sets are not supported.

       PR_SET_DUMPABLE (since Linux 2.3.20)
	      Set  the	state  of  the flag determining whether core dumps are
	      produced for this	 process  upon	delivery  of  a	 signal	 whose
	      default behavior is to produce a core dump.  (Normally this flag
	      is set for a process by default, but it is cleared when  a  set-
	      user-ID  or set-group-ID program is executed and also by various
	      system calls that manipulate process UIDs and GIDs).  In kernels
	      up  to  and  including 2.6.12, arg2 must be either 0 (process is
	      not dumpable) or	1  (process  is	 dumpable).   Between  kernels
	      2.6.13  and 2.6.17, the value 2 was also permitted, which caused
	      any binary which normally would not be dumped to be dumped read‐
	      able  by	root only; for security reasons, this feature has been
	      removed.	     (See      also	 the	  description	    of
	      /proc/sys/fs/suid_dumpable in proc(5).)

       PR_GET_DUMPABLE (since Linux 2.3.20)
	      Return (as the function result) the current state of the calling
	      process's dumpable flag.

       PR_SET_ENDIAN (since Linux 2.6.18, PowerPC only)
	      Set the endian-ness of the calling process to the value given in
	      arg2,  which  should  be	one  of	 the following: PR_ENDIAN_BIG,
	      PR_ENDIAN_LITTLE, or PR_ENDIAN_PPC_LITTLE (PowerPC pseudo little
	      endian).

       PR_GET_ENDIAN (since Linux 2.6.18, PowerPC only)
	      Return  the  endian-ness of the calling process, in the location
	      pointed to by (int *) arg2.

       PR_SET_FPEMU (since Linux 2.4.18, 2.5.9, only on ia64)
	      Set  floating-point  emulation  control  bits  to	 arg2.	  Pass
	      PR_FPEMU_NOPRINT	to silently emulate fp operations accesses, or
	      PR_FPEMU_SIGFPE to not emulate fp	 operations  and  send	SIGFPE
	      instead.

       PR_GET_FPEMU (since Linux 2.4.18, 2.5.9, only on ia64)
	      Return  floating-point  emulation	 control bits, in the location
	      pointed to by (int *) arg2.

       PR_SET_FPEXC (since Linux 2.4.21, 2.5.32, only on PowerPC)
	      Set   floating-point   exception	  mode	  to	arg2.	  Pass
	      PR_FP_EXC_SW_ENABLE  to  use  FPEXC  for	FP  exception enables,
	      PR_FP_EXC_DIV for floating-point divide by  zero,	 PR_FP_EXC_OVF
	      for  floating-point  overflow,  PR_FP_EXC_UND for floating-point
	      underflow,  PR_FP_EXC_RES	 for  floating-point  inexact  result,
	      PR_FP_EXC_INV	for    floating-point	 invalid    operation,
	      PR_FP_EXC_DISABLED for FP exceptions disabled,  PR_FP_EXC_NONRE‐
	      COV  for	async  non-recoverable exception mode, PR_FP_EXC_ASYNC
	      for async recoverable exception mode, PR_FP_EXC_PRECISE for pre‐
	      cise exception mode.

       PR_GET_FPEXC (since Linux 2.4.21, 2.5.32, only on PowerPC)
	      Return floating-point exception mode, in the location pointed to
	      by (int *) arg2.

       PR_SET_KEEPCAPS (since Linux 2.2.18)
	      Set the state of the thread's "keep  capabilities"  flag,	 which
	      determines  whether  the threads's effective and permitted capa‐
	      bility sets are cleared when a change is made to	the  threads's
	      user  IDs	 such  that the threads's real UID, effective UID, and
	      saved set-user-ID all become non-zero when at least one of  them
	      previously  had the value 0.  (By default, these credential sets
	      are cleared).  arg2 must be either 0 (capabilities are  cleared)
	      or  1 (capabilities are kept).  This value will be reset to 0 on
	      subsequent calls to execve(2).

       PR_GET_KEEPCAPS (since Linux 2.2.18)
	      Return (as the function result) the current state of the calling
	      threads's "keep capabilities" flag.

       PR_SET_NAME (since Linux 2.6.9)
	      Set the process name for the calling process, using the value in
	      the location pointed to by (char *) arg2.	 The name can be up to
	      16  bytes	 long,	and  should  be null terminated if it contains
	      fewer bytes.

       PR_GET_NAME (since Linux 2.6.11)
	      Return the process name for the calling process, in  the	buffer
	      pointed  to by (char *) arg2.  The buffer should allow space for
	      up to 16 bytes; the returned string will be null	terminated  if
	      it is shorter than that.

       PR_SET_PDEATHSIG (since Linux 2.1.57)
	      Set  the	parent	process death signal of the calling process to
	      arg2 (either a signal value in the  range	 1..maxsig,  or	 0  to
	      clear).	This  is  the signal that the calling process will get
	      when its parent dies.  This value is cleared for the child of  a
	      fork(2).

       PR_GET_PDEATHSIG (since Linux 2.3.15)
	      Return  the current value of the parent process death signal, in
	      the location pointed to by (int *) arg2.

       PR_SET_SECCOMP (since Linux 2.6.23)
	      Set the secure computing mode for the calling  thread.   In  the
	      current  implementation,	arg2 must be 1.	 After the secure com‐
	      puting mode has been set to 1, the only system  calls  that  the
	      thread is permitted to make are read(2), write(2), _exit(2), and
	      sigreturn(2).  Other system calls result in the  delivery	 of  a
	      SIGKILL  signal.	 Secure	 computing  mode is useful for number-
	      crunching applications that may need to execute  untrusted  byte
	      code,  perhaps  obtained by reading from a pipe or socket.  This
	      operation is only available if the  kernel  is  configured  with
	      CONFIG_SECCOMP enabled.

       PR_GET_SECCOMP (since Linux 2.6.23)
	      Return  the  secure  computing  mode of the calling thread.  Not
	      very useful for the current implementation (mode equals 1),  but
	      may  be useful for other possible future modes: if the caller is
	      not in secure computing mode, this operation returns 0;  if  the
	      caller  is  in secure computing mode, then the prctl() call will
	      cause a SIGKILL signal to be sent to the process.	  This	opera‐
	      tion  is	only  available	 if the kernel is configured with CON‐
	      FIG_SECCOMP enabled.

       PR_SET_SECUREBITS (since Linux 2.6.26)
	      Set the "securebits" flags of the calling thread	to  the	 value
	      supplied in arg2.	 See capabilities(7).

       PR_GET_SECUREBITS (since Linux 2.6.26)
	      Return  (as  the	function result) the "securebits" flags of the
	      calling thread.  See capabilities(7).

       PR_SET_TIMING (since Linux 2.6.0-test4)
	      Set whether to use  (normal,  traditional)  statistical  process
	      timing  or  accurate  timestamp based process timing, by passing
	      PR_TIMING_STATISTICAL or PR_TIMING_TIMESTAMP to  arg2.   PR_TIM‐
	      ING_TIMESTAMP  is	 not  currently implemented (attempting to set
	      this mode will yield the error EINVAL).

       PR_GET_TIMING (since Linux 2.6.0-test4)
	      Return (as the function result) which process timing  method  is
	      currently in use.

       PR_SET_TSC (since Linux 2.6.26, x86 only)
	      Set  the	state  of  the	flag determining whether the timestamp
	      counter can be read by the process.  Pass PR_TSC_ENABLE to  arg2
	      to  allow it to be read, or PR_TSC_SIGSEGV to generate a SIGSEGV
	      when the process tries to read the timestamp counter.

       PR_GET_TSC (since Linux 2.6.26, x86 only)
	      Return the state of the flag determining whether	the  timestamp
	      counter can be read, in the location pointed to by (int *) arg2.

       PR_SET_UNALIGN
	      (Only  on: ia64, since Linux 2.3.48; parisc, since Linux 2.6.15;
	      PowerPC, since Linux 2.6.18;  Alpha,  since  Linux  2.6.22)  Set
	      unaligned	 access control bits to arg2.  Pass PR_UNALIGN_NOPRINT
	      to silently fix up unaligned user accesses, or PR_UNALIGN_SIGBUS
	      to generate SIGBUS on unaligned user access.

       PR_GET_UNALIGN
	      (see  PR_SET_UNALIGN  for	 information on versions and architec‐
	      tures) Return unaligned access control  bits,  in	 the  location
	      pointed to by (int *) arg2.

RETURN VALUE
       On    success,	PR_GET_DUMPABLE,   PR_GET_KEEPCAPS,   PR_CAPBSET_READ,
       PR_GET_TIMING, PR_GET_SECUREBITS, and (if  it  returns)	PR_GET_SECCOMP
       return  the non-negative values described above.	 All other option val‐
       ues return 0 on success.	 On error, -1 is returned, and	errno  is  set
       appropriately.

ERRORS
       EFAULT arg2 is an invalid address.

       EINVAL The value of option is not recognized.

       EINVAL arg2 is not valid value for this option.

       EINVAL option  is  PR_SET_SECCOMP or PR_SET_SECCOMP, and the kernel was
	      not configured with CONFIG_SECCOMP.

       EPERM  option is PR_SET_SECUREBITS, and the caller does	not  have  the
	      CAP_SETPCAP  capability,	or  tried to unset a "locked" flag, or
	      tried to set a flag whose corresponding locked flag was set (see
	      capabilities(7)).

       EPERM  option	 is	PR_SET_KEEPCAPS,     and     the     callers's
	      SECURE_KEEP_CAPS_LOCKED flag is set (see capabilities(7)).

       EPERM  option is PR_CAPBSET_DROP, and the  caller  does	not  have  the
	      CAP_SETPCAP capability.

VERSIONS
       The prctl() system call was introduced in Linux 2.1.57.

CONFORMING TO
       This  call  is  Linux-specific.	 IRIX  has a prctl() system call (also
       introduced in Linux 2.1.44 as irix_prctl	 on  the  MIPS	architecture),
       with prototype

       ptrdiff_t prctl(int option, int arg2, int arg3);

       and  options  to	 get the maximum number of processes per user, get the
       maximum number of processors the calling	 process  can  use,  find  out
       whether	a specified process is currently blocked, get or set the maxi‐
       mum stack size, etc.

SEE ALSO
       signal(2), core(5)

COLOPHON
       This page is part of release 3.22 of the Linux  man-pages  project.   A
       description  of	the project, and information about reporting bugs, can
       be found at http://www.kernel.org/doc/man-pages/.

Linux				  2008-07-16			      PRCTL(2)
[top]

List of man pages available for Scientific

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Tweet
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
....................................................................
Vote for polarhome
Free Shell Accounts :: the biggest list on the net