1.\" Copyright (c) 1980, 1991, 1993 2.\" The Regents of the University of California. All rights reserved. 3.\" 4.\" Redistribution and use in source and binary forms, with or without 5.\" modification, are permitted provided that the following conditions 6.\" are met: 7.\" 1. Redistributions of source code must retain the above copyright 8.\" notice, this list of conditions and the following disclaimer. 9.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" notice, this list of conditions and the following disclaimer in the 11.\" documentation and/or other materials provided with the distribution. 12.\" 3. All advertising materials mentioning features or use of this software 13.\" must display the following acknowledgement: 14.\" This product includes software developed by the University of 15.\" California, Berkeley and its contributors. 16.\" 4. Neither the name of the University nor the names of its contributors 17.\" may be used to endorse or promote products derived from this software 18.\" without specific prior written permission. 19.\" 20.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 21.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 22.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 23.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 24.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 25.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 26.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 27.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 28.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 29.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 30.\" SUCH DAMAGE. 31.\" 32.\" @(#)execve.2 8.5 (Berkeley) 6/1/94 33.\" $FreeBSD: src/lib/libc/sys/execve.2,v 1.16.2.10 2001/12/22 01:21:30 jwd Exp $ 34.\" 35.Dd December 21, 2007 36.Dt EXECVE 2 37.Os 38.Sh NAME 39.Nm execve 40.Nd execute a file 41.Sh LIBRARY 42.Lb libc 43.Sh SYNOPSIS 44.In unistd.h 45.Ft int 46.Fn execve "const char *path" "char *const argv[]" "char *const envp[]" 47.Sh DESCRIPTION 48.Fn Execve 49transforms the calling process into a new process. 50The new process is constructed from an ordinary file, 51whose name is pointed to by 52.Fa path , 53called the 54.Em new process file . 55This file is either an executable object file, 56or a file of data for an interpreter. 57An executable object file consists of an identifying header, 58followed by pages of data representing the initial program (text) 59and initialized data pages. Additional pages may be specified 60by the header to be initialized with zero data; see 61.Xr elf 5 62and 63.Xr a.out 5 . 64.Pp 65An interpreter file begins with a line of the form: 66.Pp 67.Bd -ragged -offset indent -compact 68.Sy \&#! 69.Em interpreter 70.Bq Em arg 71.Ed 72.Pp 73When an interpreter file is 74.Sy execve Ap d , 75the system actually 76.Sy execve Ap s 77the specified 78.Em interpreter . 79If the optional 80.Em arg 81is specified, it becomes the first argument to the 82.Em interpreter , 83and the name of the originally 84.Sy execve Ap d 85file becomes the second argument; 86otherwise, the name of the originally 87.Sy execve Ap d 88file becomes the first argument. The original arguments are shifted over to 89become the subsequent arguments. 90The zeroth argument is set to the specified 91.Em interpreter . 92(See 93.Xr script 7 94for a detailed discussion of interpreter file execution.) 95.Pp 96The argument 97.Fa argv 98is a pointer to a null-terminated array of 99character pointers to null-terminated character strings. 100These strings construct the argument list to be made available to the new 101process. At least one argument must be present in 102the array; by custom, the first element should be 103the name of the executed program (for example, the last component of 104.Fa path ) . 105.Pp 106The argument 107.Fa envp 108is also a pointer to a null-terminated array of 109character pointers to null-terminated strings. 110A pointer to this array is normally stored in the global variable 111.Va environ . 112These strings pass information to the 113new process that is not directly an argument to the command (see 114.Xr environ 7 ) . 115.Pp 116File descriptors open in the calling process image remain open in 117the new process image, except for those for which the close-on-exec 118flag is set (see 119.Xr close 2 120and 121.Xr fcntl 2 ) . 122Descriptors that remain open are unaffected by 123.Fn execve . 124.Pp 125Signals set to be ignored in the calling process are set to be ignored in 126the 127new process. 128Signals which are set to be caught in the calling process image 129are set to default action in the new process image. 130Blocked signals remain blocked regardless of changes to the signal action. 131The signal stack is reset to be undefined (see 132.Xr sigaction 2 133for more information). 134.Pp 135If the set-user-ID mode bit of the new process image file is set 136(see 137.Xr chmod 2 ) , 138the effective user ID of the new process image is set to the owner ID 139of the new process image file. 140If the set-group-ID mode bit of the new process image file is set, 141the effective group ID of the new process image is set to the group ID 142of the new process image file. 143(The effective group ID is the first element of the group list.) 144The real user ID, real group ID and 145other group IDs of the new process image remain the same as the calling 146process image. 147After any set-user-ID and set-group-ID processing, 148the effective user ID is recorded as the saved set-user-ID, 149and the effective group ID is recorded as the saved set-group-ID. 150These values may be used in changing the effective IDs later (see 151.Xr setuid 2 ) . 152.Pp 153The set-ID bits are not honored if the respective file system has the 154.Ar nosuid 155option enabled or if the new process file is an interpreter file. Syscall 156tracing is disabled if effective IDs are changed. 157.Pp 158The new process also inherits the following attributes from 159the calling process: 160.Pp 161.Bl -column parent_process_ID -offset indent -compact 162.It process ID Ta see Xr getpid 2 163.It parent process ID Ta see Xr getppid 2 164.It process group ID Ta see Xr getpgrp 2 165.It access groups Ta see Xr getgroups 2 166.It working directory Ta see Xr chdir 2 167.It root directory Ta see Xr chroot 2 168.It control terminal Ta see Xr termios 4 169.It resource usages Ta see Xr getrusage 2 170.It interval timers Ta see Xr getitimer 2 171.It resource limits Ta see Xr getrlimit 2 172.It file mode mask Ta see Xr umask 2 173.It signal mask Ta see Xr sigaction 2 , 174.Xr sigprocmask 2 175.El 176.Pp 177When a program is executed as a result of an 178.Fn execve 179call, it is entered as follows: 180.Bd -literal -offset indent 181main(argc, argv, envp) 182int argc; 183char **argv, **envp; 184.Ed 185.Pp 186where 187.Fa argc 188is the number of elements in 189.Fa argv 190(the ``arg count'') 191and 192.Fa argv 193points to the array of character pointers 194to the arguments themselves. 195.Sh RETURN VALUES 196As the 197.Fn execve 198function overlays the current process image 199with a new process image the successful call 200has no process to return to. 201If 202.Fn execve 203does return to the calling process an error has occurred; the 204return value will be -1 and the global variable 205.Va errno 206is set to indicate the error. 207.Sh ERRORS 208.Fn Execve 209will fail and return to the calling process if: 210.Bl -tag -width Er 211.It Bq Er ENOTDIR 212A component of the path prefix is not a directory. 213.It Bq Er ENAMETOOLONG 214A component of a pathname exceeded 255 characters, 215or an entire path name exceeded 1023 characters. 216.It Bq Er ENAMETOOLONG 217When invoking an interpreted script, the interpreter name 218exceeds 219.Dv MAXSHELLCMDLEN 220characters. 221.It Bq Er ENOENT 222The new process file does not exist. 223.It Bq Er ELOOP 224Too many symbolic links were encountered in translating the pathname. 225.It Bq Er EACCES 226Search permission is denied for a component of the path prefix. 227.It Bq Er EACCES 228The new process file is not an ordinary file. 229.It Bq Er EACCES 230The new process file mode denies execute permission. 231.It Bq Er ENOEXEC 232The new process file has the appropriate access 233permission, but has an invalid magic number in its header. 234.It Bq Er ETXTBSY 235The new process file is a pure procedure (shared text) 236file that is currently open for writing or reading by some process. 237.It Bq Er ENOMEM 238The new process requires more virtual memory than 239is allowed by the imposed maximum 240.Pq Xr getrlimit 2 . 241.It Bq Er E2BIG 242The number of bytes in the new process' argument list 243is larger than the system-imposed limit. 244This limit is specified by the 245.Xr sysctl 3 246MIB variable 247.Dv KERN_ARGMAX . 248.It Bq Er EFAULT 249The new process file is not as long as indicated by 250the size values in its header. 251.It Bq Er EFAULT 252.Fa Path , 253.Fa argv , 254or 255.Fa envp 256point 257to an illegal address. 258.It Bq Er EIO 259An I/O error occurred while reading from the file system. 260.El 261.Sh CAVEAT 262If a program is 263.Em setuid 264to a non-super-user, but is executed when 265the real 266.Em uid 267is ``root'', then the program has some of the powers 268of a super-user as well. 269.Sh SEE ALSO 270.Xr ktrace 1 , 271.Xr fork 2 , 272.Xr _exit 2 , 273.Xr execl 3 , 274.Xr exit 3 , 275.Xr sysctl 3 , 276.Xr a.out 5 , 277.Xr elf 5 , 278.Xr environ 7 , 279.Xr script 7 , 280.Xr mount 8 281.Sh HISTORY 282The 283.Fn execve 284function call appeared in 285.Bx 4.2 . 286