1.\" Copyright (c) 1980, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. Neither the name of the University nor the names of its contributors 13.\" may be used to endorse or promote products derived from this software 14.\" without specific prior written permission. 15.\" 16.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 17.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 20.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26.\" SUCH DAMAGE. 27.\" 28.\" @(#)execve.2 8.5 (Berkeley) 6/1/94 29.\" $FreeBSD: src/lib/libc/sys/execve.2,v 1.16.2.10 2001/12/22 01:21:30 jwd Exp $ 30.\" 31.Dd December 21, 2007 32.Dt EXECVE 2 33.Os 34.Sh NAME 35.Nm execve 36.Nd execute a file 37.Sh LIBRARY 38.Lb libc 39.Sh SYNOPSIS 40.In unistd.h 41.Ft int 42.Fn execve "const char *path" "char *const argv[]" "char *const envp[]" 43.Sh DESCRIPTION 44.Fn Execve 45transforms the calling process into a new process. 46The new process is constructed from an ordinary file, 47whose name is pointed to by 48.Fa path , 49called the 50.Em new process file . 51This file is either an executable object file, 52or a file of data for an interpreter. 53An executable object file consists of an identifying header, 54followed by pages of data representing the initial program (text) 55and initialized data pages. Additional pages may be specified 56by the header to be initialized with zero data; see 57.Xr elf 5 58and 59.Xr a.out 5 . 60.Pp 61An interpreter file begins with a line of the form: 62.Pp 63.Bd -ragged -offset indent -compact 64.Sy \&#! 65.Em interpreter 66.Bq Em arg 67.Ed 68.Pp 69When an interpreter file is 70.Sy execve Ap d , 71the system actually 72.Sy execve Ap s 73the specified 74.Em interpreter . 75If the optional 76.Em arg 77is specified, it becomes the first argument to the 78.Em interpreter , 79and the name of the originally 80.Sy execve Ap d 81file becomes the second argument; 82otherwise, the name of the originally 83.Sy execve Ap d 84file becomes the first argument. The original arguments are shifted over to 85become the subsequent arguments. 86The zeroth argument is set to the specified 87.Em interpreter . 88(See 89.Xr script 7 90for a detailed discussion of interpreter file execution.) 91.Pp 92The argument 93.Fa argv 94is a pointer to a null-terminated array of 95character pointers to null-terminated character strings. 96These strings construct the argument list to be made available to the new 97process. At least one argument must be present in 98the array; by custom, the first element should be 99the name of the executed program (for example, the last component of 100.Fa path ) . 101.Pp 102The argument 103.Fa envp 104is also a pointer to a null-terminated array of 105character pointers to null-terminated strings. 106A pointer to this array is normally stored in the global variable 107.Va environ . 108These strings pass information to the 109new process that is not directly an argument to the command (see 110.Xr environ 7 ) . 111.Pp 112File descriptors open in the calling process image remain open in 113the new process image, except for those for which the close-on-exec 114flag is set (see 115.Xr close 2 116and 117.Xr fcntl 2 ) . 118Descriptors that remain open are unaffected by 119.Fn execve . 120.Pp 121Signals set to be ignored in the calling process are set to be ignored in 122the 123new process. 124Signals which are set to be caught in the calling process image 125are set to default action in the new process image. 126Blocked signals remain blocked regardless of changes to the signal action. 127The signal stack is reset to be undefined (see 128.Xr sigaction 2 129for more information). 130.Pp 131If the set-user-ID mode bit of the new process image file is set 132(see 133.Xr chmod 2 ) , 134the effective user ID of the new process image is set to the owner ID 135of the new process image file. 136If the set-group-ID mode bit of the new process image file is set, 137the effective group ID of the new process image is set to the group ID 138of the new process image file. 139(The effective group ID is the first element of the group list.) 140The real user ID, real group ID and 141other group IDs of the new process image remain the same as the calling 142process image. 143After any set-user-ID and set-group-ID processing, 144the effective user ID is recorded as the saved set-user-ID, 145and the effective group ID is recorded as the saved set-group-ID. 146These values may be used in changing the effective IDs later (see 147.Xr setuid 2 ) . 148.Pp 149The set-ID bits are not honored if the respective file system has the 150.Ar nosuid 151option enabled or if the new process file is an interpreter file. Syscall 152tracing is disabled if effective IDs are changed. 153.Pp 154The new process also inherits the following attributes from 155the calling process: 156.Pp 157.Bl -column parent_process_ID -offset indent -compact 158.It process ID Ta see Xr getpid 2 159.It parent process ID Ta see Xr getppid 2 160.It process group ID Ta see Xr getpgrp 2 161.It access groups Ta see Xr getgroups 2 162.It working directory Ta see Xr chdir 2 163.It root directory Ta see Xr chroot 2 164.It control terminal Ta see Xr termios 4 165.It resource usages Ta see Xr getrusage 2 166.It interval timers Ta see Xr getitimer 2 167.It resource limits Ta see Xr getrlimit 2 168.It file mode mask Ta see Xr umask 2 169.It signal mask Ta see Xr sigaction 2 , 170.Xr sigprocmask 2 171.El 172.Pp 173When a program is executed as a result of an 174.Fn execve 175call, it is entered as follows: 176.Bd -literal -offset indent 177main(argc, argv, envp) 178int argc; 179char **argv, **envp; 180.Ed 181.Pp 182where 183.Fa argc 184is the number of elements in 185.Fa argv 186(the ``arg count'') 187and 188.Fa argv 189points to the array of character pointers 190to the arguments themselves. 191.Sh RETURN VALUES 192As the 193.Fn execve 194function overlays the current process image 195with a new process image the successful call 196has no process to return to. 197If 198.Fn execve 199does return to the calling process an error has occurred; the 200return value will be -1 and the global variable 201.Va errno 202is set to indicate the error. 203.Sh ERRORS 204.Fn Execve 205will fail and return to the calling process if: 206.Bl -tag -width Er 207.It Bq Er ENOTDIR 208A component of the path prefix is not a directory. 209.It Bq Er ENAMETOOLONG 210A component of a pathname exceeded 255 characters, 211or an entire path name exceeded 1023 characters. 212.It Bq Er ENAMETOOLONG 213When invoking an interpreted script, the interpreter name 214exceeds 215.Dv MAXSHELLCMDLEN 216characters. 217.It Bq Er ENOENT 218The new process file does not exist. 219.It Bq Er ELOOP 220Too many symbolic links were encountered in translating the pathname. 221.It Bq Er EACCES 222Search permission is denied for a component of the path prefix. 223.It Bq Er EACCES 224The new process file is not an ordinary file. 225.It Bq Er EACCES 226The new process file mode denies execute permission. 227.It Bq Er ENOEXEC 228The new process file has the appropriate access 229permission, but has an invalid magic number in its header. 230.It Bq Er ETXTBSY 231The new process file is a pure procedure (shared text) 232file that is currently open for writing or reading by some process. 233.It Bq Er ENOMEM 234The new process requires more virtual memory than 235is allowed by the imposed maximum 236.Pq Xr getrlimit 2 . 237.It Bq Er E2BIG 238The number of bytes in the new process' argument list 239is larger than the system-imposed limit. 240This limit is specified by the 241.Xr sysctl 3 242MIB variable 243.Dv KERN_ARGMAX . 244.It Bq Er EFAULT 245The new process file is not as long as indicated by 246the size values in its header. 247.It Bq Er EFAULT 248.Fa Path , 249.Fa argv , 250or 251.Fa envp 252point 253to an illegal address. 254.It Bq Er EIO 255An I/O error occurred while reading from the file system. 256.El 257.Sh CAVEAT 258If a program is 259.Em setuid 260to a non-super-user, but is executed when 261the real 262.Em uid 263is ``root'', then the program has some of the powers 264of a super-user as well. 265.Sh SEE ALSO 266.Xr ktrace 1 , 267.Xr fork 2 , 268.Xr _exit 2 , 269.Xr execl 3 , 270.Xr exit 3 , 271.Xr sysctl 3 , 272.Xr a.out 5 , 273.Xr elf 5 , 274.Xr environ 7 , 275.Xr script 7 , 276.Xr mount 8 277.Sh HISTORY 278The 279.Fn execve 280function call appeared in 281.Bx 4.2 . 282