The Regents of the University of California. All rights reserved.
%sccs.include.redist.roff%
@(#)1.1.t 8.3 (Berkeley) 05/20/94
.Sh 2 "Processes and protection .Sh 3 "Host identifiers
Each host has associated with it a 32-bit host ID, and a host name of up to MAXHOSTNAMELEN (64) characters (as defined in <sys/param.h>). These identifiers are set (by a privileged user) and retrieved using the .Fn sysctl interface described in section .Xr 1.7.1 . The host ID is seldom used (or set), and is deprecated. For convenience and backward compatibility, the following library routines are provided: .Fd sethostid 1 "set host identifier sethostid(hostid) long hostid; .Fd gethostid 0 "get host identifier hostid = gethostid(); result long hostid; .Fd sethostname 2 "set host name sethostname(name, len) char *name; int len; .Fd gethostname 2 "get host name len = gethostname(buf, buflen) result int len; result char *buf; int buflen; .Sh 3 "Process identifiers Each host runs a set of processes. Each process is largely independent of other processes, having its own protection domain, address space, timers, and an independent set of references to system or user implemented objects.
Each process in a host is named by an integer called the process ID. This number is in the range 1-30000 and is returned by the .Fn getpid routine: .Fd getpid 0 "get process identifier pid = getpid(); result pid_t pid; On each host this identifier is guaranteed to be unique; in a multi-host environment, the (hostid, process ID) pairs are guaranteed unique. The parent process identifier can be obtained using the .Fn getppid routine: .Fd getppid 0 "get parent process identifier pid = getppid(); result pid_t pid; .Sh 3 "Process creation and termination
A new process is created by making a logical duplicate of an existing process: .Fd fork 0 "create a new process pid = fork(); result pid_t pid; The .Fn fork call returns twice, once in the parent process, where pid is the process identifier of the child, and once in the child process where pid is 0. The parent-child relationship induces a hierarchical structure on the set of processes in the system.
For processes that are forking solely for the purpose of .Fn execve 'ing another program, the .Fn vfork system call provides a faster interface: .Fd vfork 0 "create a new process pid = vfork(); result pid_t pid; Like .Fn fork , the .Fn vfork call returns twice, once in the parent process, where pid is the process identifier of the child, and once in the child process where pid is 0. The parent process is suspended until the child process calls either execve or exit.
A process may terminate by executing an .Fn exit call: .Fd exit 1 "terminate a process exit(status) int status; returning 8 bits of exit status to its parent.
When a child process exits or terminates abnormally, the parent process receives information about any event which caused termination of the child process. The interface allows the parent to wait for a particular process, process group, or any direct descendent and to retrieve information about resources consumed by the process during its lifetime. The request may be done either synchronously (waiting for one of the requested processes to exit), or asynchronously (polling to see if any of the requested processes have exited): .Fd wait4 4 "collect exit status of child pid = wait4(wpid, astatus, options, arusage); result pid_t pid; pid_t wpid; result int *astatus; int options; result struct rusage *arusage;
A process can overlay itself with the memory image of another process, passing the newly created process a set of parameters, using the call: .Fd execve 3 "execute a new program execve(name, argv, envp) char *name, **argv, **envp; The specified name must be a file which is in a format recognized by the system, either a binary executable file or a file which causes the execution of a specified interpreter program to process its contents. If the set-user-ID mode bit is set, the effective user ID is set to the owner of the file; if the set-group-ID mode bit is set, the effective group ID is set to the group of the file. Whether changed or not, the effective user ID is then copied to the saved user Id, and the effective group Id is copied to the saved group Id. .Sh 3 "User and group IDs
Each process in the system has associated with it three user IDs: a real user ID, a effective user ID, and a saved user ID, all 32-bit unsigned integers (type uid_t). Each process has a real group ID and a set of access group IDs, the first of which is the effective group ID. The group IDs are 32-bit unsigned integers (type gid_t). Each process may be in several different access groups, with the maximum concurrent number of access groups a system compilation parameter, the constant NGROUPS in the file <sys/param.h>, guaranteed to be at least eight.
The real group ID is used in process accounting and in testing whether the effective group ID may be changed; it is not otherwise used for access control. The members of the access group ID set are used for access control. Because the first member of the set is the effective group ID, which is changed when executing a set-group-ID program, that element is normally duplicated in the set so that access privileges for the original group are not lost when using a set-group-ID program.
The real and effective user IDs associated with a process are returned by: .Fd getuid 0 "get real user identifier ruid = getuid(); result uid_t ruid; .Fd geteuid 0 "get effective user identifier euid = geteuid(); result uid_t euid; the real and effective group IDs by: .Fd getgid 0 "get real group identifier rgid = getgid(); result gid_t rgid; .Fd getegid 0 "get effective group identifier egid = getegid(); result gid_t egid; The access group ID set is returned by a .Fn getgroups call: .Fd getgroups 2 "get access group set ngroups = getgroups(gidsetsize, gidset); result int ngroups; int gidsetsize; result gid_t gidset[gidsetsize];
The user and group IDs are assigned at login time using the .Fn setuid , .Fn setgid , and .Fn setgroups calls: .Fd setuid 1 "set real, effective, and saved user identifiers setuid(uid); uid_t uid; .Fd setgid 1 "set real, effective, and saved group identifiers setgid(gid); gid_t gid; .Fd setgroups 2 "set access group set setgroups(gidsetsize, gidset) int gidsetsize; gid_t gidset[gidsetsize]; The .Fn setuid call sets the real, effective, and saved user IDs, and is permitted only if the specified uid is the current real user ID or if the caller is the super-user. The .Fn setgid call sets the real, effective, and saved group IDs; it is permitted only if the specified gid is the current real group ID or if the caller is the super-user. The .Fn setgroups call sets the access group ID set, and is restricted to the super-user.
The .Fn seteuid routine allows any process to set its effective user ID to either its real or saved user ID: .Fd seteuid 1 "set effective user identifier seteuid(uid); uid_t uid; The .Fn setegid routine allows any process to set its effective group ID to either its real or saved group ID: .Fd setegid 1 "set effective group identifier setegid(gid); gid_t gid; .Sh 3 "Sessions
When a user first logs onto the system, they are put into a session with a controlling process (usually a shell). The session is created with the call: .Fd setsid 0 "create a new session pid = setsid(); result pid_t pid; All subsequent processes created by the user that do not call .Fn setsid will be part of the session. The session also has a login name associated with it which is set using the privileged call: .Fd setlogin 1 "set login name setlogin(name); char *name; The login name can be retrieved using the call: .Fd getlogin 0 "get login name name = getlogin(); result char *name; Unlike earlier systems, the return value of .Fn getlogin can be trusted. .Sh 3 "Process groups
Each process in the system is also associated with a process group. The group of processes in a process group is sometimes referred to as a job and manipulated by high-level system software (such as the shell). All members of a process group are members of the same session. The current process group of a process is returned by the .Fn getpgrp call: .Fd getpgrp 0 "get process group pgrp = getpgrp(); result pid_t pgrp; When a process is in a specific process group it may receive software interrupts affecting the group, causing the group to suspend or resume execution or to be interrupted or terminated. In particular, a system terminal has a process group and only processes which are in the process group of the terminal may read from the terminal, allowing arbitration of terminals among several different jobs.
The process group associated with a process may be changed by the .Fn setpgid call: .Fd setpgid 2 "set process group setpgid(pid, pgrp); int pid, pgrp; Newly created processes are assigned process IDs distinct from all processes and process groups, and the same process group as their parent. A normal (unprivileged) process may set its process group equal to its process ID or to the value of any process group within its session.