| Skip Navigation Links | |
| Exit Print View | |
 | man pages section 2: System Calls Oracle Solaris 11 Information Library |
| Skip Navigation Links | |
| Exit Print View | |
| man pages section 2: System Calls Oracle Solaris 11 Information Library |
- execute a file
#include <unistd.h>intexecl(const char *path,const char *arg0,... /* const char *argn,(char *)0 */);
intexecv(const char *path,char *constargv[]);
intexecle(const char *path,const char *arg0,... /* const char *argn,(char *)0,char *constenvp[]*/);
intexecve(const char *path,char *constargv[],char *constenvp[]);
intexeclp(const char *file,const char *arg0,... /* const char *argn,(char *)0 */);
intexecvp(const char *file,char *constargv[]);
int fexecve(intfd, char *constargv[], char *constenvp[]);
Each of the functions in theexec family replaces the current processimage with a new process image. The new image is constructed froma regular, executable file called thenew process image file. This file is either anexecutable object file or a file of data for an interpreter. There isno return from a successful call to one of these functions becausethe calling process image is overlaid by the new process image.
Thefexecve() function behaves likeexecve(), except that the file to beexecuted is specified by the file descriptorfd rather than by apathname. The file offset offd is ignored.
An interpreter file begins with a line of the form
#! pathname [arg]
wherepathname is the path of the interpreter, andarg is anoptional argument. When an interpreter file is executed, the system invokes thespecified interpreter. The pathname specified in the interpreter file is passed asarg0 to the interpreter. Ifarg was specified in the interpreter file, itis passed asarg1 to the interpreter. The remaining arguments to theinterpreter arearg0 throughargn of the originally exec'd file. The interpreter namedbypathname must not be an interpreter file.
When a C-language program is executed as a result of this call,it is entered as a C-language function call as follows:
int main (int argc, char *argv[]);
whereargc is the argument count andargv is an array ofcharacter pointers to the arguments themselves. In addition, the following variable:
extern char **environ;
is initialized as a pointer to an array of character pointers tothe environment strings. Theargv andenviron arrays are each terminated bya null pointer. The null pointer terminating theargv array is notcounted inargc.
The value ofargc is non-negative, and if greater than 0,argv[0]points to a string containing the name of the file. Ifargcis 0,argv[0] is a null pointer, in which case there areno arguments. Applications should verify thatargc is greater than 0 or thatargv[0] is not a null pointer before dereferencingargv[0].
The arguments specified by a program with one of theexec functionsare passed on to the new process image in themain() arguments.
Thepath argument points to a path name that identifies the newprocess image file.
Thefile argument is used to construct a pathname that identifies thenew process image file. If thefile argument contains a slash character,it is used as the pathname for this file. Otherwise, the pathprefix for this file is obtained by a search of the directories passedin thePATH environment variable (seeenviron(5)). The environment is supplied typicallyby the shell. If the process image file is not a valid executableobject file,execlp() andexecvp() use the contents of that file asstandard input to the shell. In this case, the shell becomes thenew process image. The standard to which the caller conforms determines which shellis used. Seestandards(5).
The arguments represented byarg0… are pointers to null-terminated character strings. Thesestrings constitute the argument list available to the new process image. Thelist is terminated by a null pointer. Thearg0 argument should point toa filename that is associated with the process being started by oneof theexec functions.
Theargv argument is an array of character pointers to null-terminated strings.The last member of this array must be a null pointer. Thesestrings constitute the argument list available to the new process image. Thevalue inargv[0] should point to a filename that is associated with theprocess being started by one of theexec functions.
Theenvp argument is an array of character pointers to null-terminated strings.These strings constitute the environment for the new process image. Theenvp array is terminated by a null pointer. Forexecl(),execv(),execvp(),andexeclp(), the C-language run-time start-off routine places a pointer to theenvironment of the calling process in the global objectextern char **environ, and itis used to pass the environment of the calling process to thenew process image.
The number of bytes available for the new process's combined argument andenvironment lists isARG_MAX. It is implementation-dependent whether null terminators, pointers, and/orany alignment bytes are included in this total.
File descriptors open in the calling process image remain open in thenew process image, except for those whose close-on-exec flagFD_CLOEXEC is set;seefcntl(2). For those file descriptors that remain open, all attributes ofthe open file description, including file locks, remain unchanged.
The preferred hardware address translation size (seememcntl(2)) for the stack andheap of the new process image are set to the default systempage size.
Directory streams open in the calling process image are closed in thenew process image.
The state of conversion descriptors and message catalogue descriptors in the newprocess image is undefined. For the new process, the equivalent of:
setlocale(LC_ALL, "C")
is executed at startup.
Signals set to the default action (SIG_DFL) in the calling process imageare set to the default action in the new process image (seesignal(3C)). Signals set to be ignored (SIG_IGN) by the calling process image areset to be ignored by the new process image. Signals set tobe caught by the calling process image are set to the defaultaction in the new process image (seesignal.h(3HEAD)). After a successful callto any of theexec functions, alternate signal stacks are not preservedand theSA_ONSTACK flag is cleared for all signals.
After a successful call to any of theexec functions, any functionspreviously registered byatexit(3C) are no longer registered.
The saved resource limits in the new process image are set tobe a copy of the process's corresponding hard and soft resource limits.
If theST_NOSUID bit is set for the file system containing thenew process image file, then the effective user ID and effective groupID are unchanged in the new process image. If the set-user-ID modebit of the new process image file is set (seechmod(2)), the effectiveuser ID of the new process image is set to the ownerID of the new process image file. Similarly, if the set-group-ID mode bitof the new process image file is set, the effective group IDof the new process image is set to the group ID ofthe new process image file. The real user ID and real group IDof the new process image remain the same as those of thecalling process image. The effective user ID and effective group ID ofthe new process image are saved (as the saved set-user-ID and thesaved set-group-ID for use bysetuid(2).
The privilege sets are changed according to the following rules:
The inheritable set, I, is intersected with the limit set, L. This mechanism enforces the limit set for processes.
The effective set, E, and the permitted set, P, are made equal to the new inheritable set.
The system attempts to set the privilege-aware state to non-PA both beforeperforming any modifications to the process IDs and privilege sets as wellas after completing the transition to new UIDs and privilege sets, followingthe rules outlined inprivileges(5).
If the {PRIV_PROC_OWNER} privilege is asserted in the effective set, the set-user-IDand set-group-ID bits will be honored when the process is being controlledbyptrace(3C). Additional restriction can apply when the traced process has aneffective UID of 0. Seeprivileges(5).
Any shared memory segments attached to the calling process image will notbe attached to the new process image (seeshmop(2)). Any mappings establishedthroughmmap() are not preserved across anexec. Memory mappings created inthe process are unmapped before the address space is rebuilt for thenew process image. Seemmap(2).
Memory locks established by the calling process via calls tomlockall(3C) ormlock(3C) are removed. If locked pages in the address space of thecalling process are also mapped into the address spaces the locks establishedby the other processes will be unaffected by the call by thisprocess to theexec function. If theexec function fails, the effect onmemory locks is unspecified.
If_XOPEN_REALTIME is defined and has a value other than -1, anynamed semaphores open in the calling process are closed as if byappropriate calls tosem_close(3C)
Profiling is disabled for the new process; seeprofil(2).
Timers created by the calling process withtimer_create(3C) are deleted before replacingthe current process image with the new process image.
For theSCHED_FIFO andSCHED_RR scheduling policies, the policy and priority settingsare not changed by a call to anexec function.
All open message queue descriptors in the calling process are closed, asdescribed inmq_close(3C).
Any outstanding asynchronous I/O operations may be cancelled. Those asynchronous I/O operationsthat are not canceled will complete as if theexec function hadnot yet occurred, but any associated signal notifications are suppressed. It isunspecified whether theexec function itself blocks awaiting such I/O completion. Inno event, however, will the new process image created by theexecfunction be affected by the presence of outstanding asynchronous I/O operations atthe time theexec function is called.
All active contract templates are cleared (seecontract(4)).
The new process also inherits the following attributes from the calling process:
controlling terminal
current working directory
file mode creation mask (seeumask(2))
file size limit (seeulimit(2))
limit privilege set
nice value (seenice(2))
parent process ID
pending signals (seesigpending(2))
privilege debugging flag (seeprivileges(5) andgetpflags(2))
process ID
process contract (seecontract(4) andprocess(4))
process group ID
process signal mask (seesigprocmask(2))
processor bindings (seeprocessor_bind(2))
processor set bindings (seepset_bind(2))
project ID
real group ID
real user ID
resource limits (seegetrlimit(2))
root directory
scheduler class and priority (seepriocntl(2))
semadj values (seesemop(2))
session membership (seeexit(2) andsignal(3C))
supplementary group IDs
task ID
time left until an alarm clock signal (seealarm(2))
tms_utime,tms_stime,tms_cutime, andtms_cstime (seetimes(2))
trace flag (seeptrace(3C) request 0)
A call to anyexec function from a process with more thanone thread results in all threads being terminated and the new executableimage being loaded and executed. No destructor functions will be called.
Upon successful completion, each of the functions in theexec family marksfor update thest_atime field of the file. If anexecfunction failed but was able to locate theprocess image file, whether thest_atimefield is marked for update is unspecified. Should the function succeed, theprocess image file is considered to have been opened withopen(2). Thecorrespondingclose(2) is considered to occur at a time after this open,but before process termination or successful completion of a subsequent call toone of theexec functions. Theargv[ ] andenvp[ ] arrays of pointers andthe strings to which those arrays point will not be modified bya call to one of theexec functions, except as a consequenceof replacing the process image.
The saved resource limits in the new process image are set tobe a copy of the process's corresponding hard and soft limits.
If a function in theexec family returns to the calling processimage, an error has occurred; the return value is-1 anderrnois set to indicate the error.
Theexec functions will fail if:
The number of bytes in the new process's argument list is greater than the system-imposed limit of {ARG_MAX} bytes. The argument list limit is sum of the size of the argument list plus the size of the environment's exported shell variables.
Search permission is denied for a directory listed in the new process file's path prefix.
The new process file is not an ordinary file.
The new process file mode denies execute permission.
The {FILE_DAC_SEARCH} privilege overrides the restriction on directory searches.
The {FILE_DAC_EXECUTE} privilege overrides the lack of execute permission.
Total amount of system memory available when reading using raw I/O is temporarily insufficient.
An argument points to an illegal address.
The new process image file has the appropriate permission and has a recognized executable binary format, but the system does not support execution of a file with this format.
A signal was caught during the execution of one of the functions in theexec family.
Too many symbolic links were encountered in translatingpath orfile.
The length of thefile orpath argument exceeds {PATH_MAX}, or the length of afile orpath component exceeds {NAME_MAX} while {_POSIX_NO_TRUNC} is in effect.
One or more components of the new process path name of the file do not exist or is a null pathname.
Thepath argument points to a remote machine and the link to that machine is no longer active.
A component of the new process path of the file prefix is not a directory.
Theexec functions, except forexeclp() andexecvp(), will fail if:
The new process image file has the appropriate access permission but is not in the proper format.
Thefexecve() function will fail if:
Thefd argument is not a valid file descriptor.
Theexec functions may fail if:
Pathname resolution of a symbolic link produced an intermediate result whose length exceeds {PATH_MAX}.
The new process image requires more memory than is allowed by the hardware or system-imposed by memory management constraints. Seebrk(2).
The new process image file is a pure procedure (shared text) file that is currently open for writing by some process.
The file descriptor passed to thefexecve() function need not have beenopened with theO_EXEC flag. However, if the file to beexecuted denies read and write permission for the process preparing to performtheexec, the only way to provide the file descriptorfd tofexecve()is to specify theO_EXEC flag when openingfd.
Thefexecve() function ignores the mode that was used when the filedescriptor was opened and theexec will fail if the mode ofthe file associated withfd does not grant execute permission to thecalling process at the timefexecve() is called.
As the state of conversion descriptors and message catalogue descriptors in thenew process image is undefined, portable applications should not rely on theiruse and should close them prior to calling one of theexecfunctions.
Applications that require other than the default POSIX locale should callsetlocale(3C)with the appropriate parameters to establish the locale of the new process.
Theenviron array should not be accessed directly by the application.
Seeattributes(5) for descriptions of the following attributes:
|
All of the members ofexec family of functions are MT-Safe. In addition, theexecl(),excele(),execv(),execve() andfexecve() functions are Async-Signal-Safe.
ksh(1),ps(1),sh(1),alarm(2),brk(2),chmod(2),exit(2),execvex(2),fcntl(2),fork(2),getpflags(2),getrlimit(2),memcntl(2),mmap(2),nice(2),priocntl(2),profil(2),semop(2),shmop(2),sigpending(2),sigprocmask(2),times(2),umask(2),lockf(3C),ptrace(3C),setlocale(3C),signal(3C),system(3C),timer_create(3C),a.out(4),contract(4),process(4),attributes(5),environ(5),privileges(5),standards(5)
If a program issetuid to a user ID other than thesuperuser, and the program is executed when the real user ID issuper-user, then the program has some of the powers of a super-useras well.
Copyright © 2011, Oracle and/or its affiliates. All rights reserved.Legal Notices |   |