1 # SOME DESCRIPTIVE TITLE
2 # Copyright (C) YEAR Free Software Foundation, Inc.
3 # This file is distributed under the same license as the PACKAGE package.
4 # FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
9 "Project-Id-Version: PACKAGE VERSION\n"
10 "POT-Creation-Date: 2014-06-08 01:30+0900\n"
11 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
12 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
13 "Language-Team: LANGUAGE <LL@li.org>\n"
16 "Content-Type: text/plain; charset=UTF-8\n"
17 "Content-Transfer-Encoding: 8bit\n"
20 #: build/C/man2/acct.2:31 build/C/man5/acct.5:25
26 #: build/C/man2/acct.2:31
32 #: build/C/man2/acct.2:31 build/C/man5/acct.5:25 build/C/man7/capabilities.7:48 build/C/man2/capget.2:15 build/C/man7/cpuset.7:25 build/C/man7/credentials.7:27 build/C/man2/getgid.2:25 build/C/man2/getgroups.2:31 build/C/man2/getpid.2:25 build/C/man2/getpriority.2:48 build/C/man2/getresuid.2:28 build/C/man2/getrlimit.2:64 build/C/man2/getrusage.2:39 build/C/man2/getsid.2:26 build/C/man2/getuid.2:26 build/C/man2/iopl.2:33 build/C/man2/ioprio_set.2:24 build/C/man2/ipc.2:25 build/C/man2/seteuid.2:29 build/C/man2/setfsgid.2:31 build/C/man2/setfsuid.2:31 build/C/man2/setgid.2:29 build/C/man2/setpgid.2:48 build/C/man2/setresuid.2:26 build/C/man2/setreuid.2:45 build/C/man2/setsid.2:30 build/C/man2/setuid.2:30 build/C/man7/svipc.7:40 build/C/man3/ulimit.3:27
38 #: build/C/man2/acct.2:31 build/C/man5/acct.5:25 build/C/man7/capabilities.7:48 build/C/man2/capget.2:15 build/C/man7/cpuset.7:25 build/C/man7/credentials.7:27 build/C/man2/getgid.2:25 build/C/man2/getgroups.2:31 build/C/man2/getpid.2:25 build/C/man2/getpriority.2:48 build/C/man2/getresuid.2:28 build/C/man2/getrlimit.2:64 build/C/man2/getrusage.2:39 build/C/man2/getsid.2:26 build/C/man2/getuid.2:26 build/C/man2/iopl.2:33 build/C/man2/ioprio_set.2:24 build/C/man2/ipc.2:25 build/C/man2/seteuid.2:29 build/C/man2/setfsgid.2:31 build/C/man2/setfsuid.2:31 build/C/man2/setgid.2:29 build/C/man2/setpgid.2:48 build/C/man2/setresuid.2:26 build/C/man2/setreuid.2:45 build/C/man2/setsid.2:30 build/C/man2/setuid.2:30 build/C/man7/svipc.7:40 build/C/man3/ulimit.3:27
40 msgid "Linux Programmer's Manual"
44 #: build/C/man2/acct.2:32 build/C/man5/acct.5:26 build/C/man7/capabilities.7:49 build/C/man2/capget.2:16 build/C/man7/cpuset.7:26 build/C/man7/credentials.7:28 build/C/man2/getgid.2:26 build/C/man2/getgroups.2:32 build/C/man2/getpid.2:26 build/C/man2/getpriority.2:49 build/C/man2/getresuid.2:29 build/C/man2/getrlimit.2:65 build/C/man2/getrusage.2:40 build/C/man2/getsid.2:27 build/C/man2/getuid.2:27 build/C/man2/iopl.2:34 build/C/man2/ioprio_set.2:25 build/C/man2/ipc.2:26 build/C/man2/seteuid.2:30 build/C/man2/setfsgid.2:32 build/C/man2/setfsuid.2:32 build/C/man2/setgid.2:30 build/C/man2/setpgid.2:49 build/C/man2/setresuid.2:27 build/C/man2/setreuid.2:46 build/C/man2/setsid.2:31 build/C/man2/setuid.2:31 build/C/man7/svipc.7:41 build/C/man3/ulimit.3:28
50 #: build/C/man2/acct.2:34
51 msgid "acct - switch process accounting on or off"
55 #: build/C/man2/acct.2:34 build/C/man5/acct.5:28 build/C/man2/capget.2:18 build/C/man2/getgid.2:28 build/C/man2/getgroups.2:34 build/C/man2/getpid.2:28 build/C/man2/getpriority.2:51 build/C/man2/getresuid.2:31 build/C/man2/getrlimit.2:67 build/C/man2/getrusage.2:42 build/C/man2/getsid.2:29 build/C/man2/getuid.2:29 build/C/man2/iopl.2:36 build/C/man2/ioprio_set.2:27 build/C/man2/ipc.2:28 build/C/man2/seteuid.2:32 build/C/man2/setfsgid.2:34 build/C/man2/setfsuid.2:34 build/C/man2/setgid.2:32 build/C/man2/setpgid.2:51 build/C/man2/setresuid.2:29 build/C/man2/setreuid.2:48 build/C/man2/setsid.2:33 build/C/man2/setuid.2:33 build/C/man7/svipc.7:43 build/C/man3/ulimit.3:30
61 #: build/C/man2/acct.2:38
63 msgid "B<#include E<lt>unistd.hE<gt>>\n"
67 #: build/C/man2/acct.2:40
69 msgid "B<int acct(const char *>I<filename>B<);>\n"
73 #: build/C/man2/acct.2:46 build/C/man2/getgroups.2:48 build/C/man2/getrlimit.2:84 build/C/man2/getsid.2:37 build/C/man2/seteuid.2:44 build/C/man2/setpgid.2:71 build/C/man2/setreuid.2:60
74 msgid "Feature Test Macro Requirements for glibc (see B<feature_test_macros>(7)):"
78 #: build/C/man2/acct.2:50
79 msgid "B<acct>(): _BSD_SOURCE || (_XOPEN_SOURCE && _XOPEN_SOURCE\\ E<lt>\\ 500)"
83 #: build/C/man2/acct.2:50 build/C/man5/acct.5:30 build/C/man7/capabilities.7:51 build/C/man2/capget.2:24 build/C/man7/cpuset.7:28 build/C/man7/credentials.7:30 build/C/man2/getgid.2:36 build/C/man2/getgroups.2:52 build/C/man2/getpid.2:36 build/C/man2/getpriority.2:59 build/C/man2/getresuid.2:39 build/C/man2/getrlimit.2:88 build/C/man2/getrusage.2:48 build/C/man2/getsid.2:50 build/C/man2/getuid.2:37 build/C/man2/iopl.2:40 build/C/man2/ioprio_set.2:35 build/C/man2/ipc.2:34 build/C/man2/seteuid.2:53 build/C/man2/setfsgid.2:38 build/C/man2/setfsuid.2:38 build/C/man2/setgid.2:38 build/C/man2/setpgid.2:100 build/C/man2/setresuid.2:37 build/C/man2/setreuid.2:70 build/C/man2/setsid.2:40 build/C/man2/setuid.2:39 build/C/man7/svipc.7:49 build/C/man3/ulimit.3:34
89 #: build/C/man2/acct.2:60
91 "The B<acct>() system call enables or disables process accounting. If "
92 "called with the name of an existing file as its argument, accounting is "
93 "turned on, and records for each terminating process are appended to "
94 "I<filename> as it terminates. An argument of NULL causes accounting to be "
99 #: build/C/man2/acct.2:60 build/C/man2/capget.2:160 build/C/man2/getgroups.2:92 build/C/man2/getpriority.2:107 build/C/man2/getresuid.2:50 build/C/man2/getrlimit.2:435 build/C/man2/getrusage.2:188 build/C/man2/getsid.2:58 build/C/man2/iopl.2:66 build/C/man2/ioprio_set.2:149 build/C/man2/seteuid.2:67 build/C/man2/setfsgid.2:68 build/C/man2/setfsuid.2:68 build/C/man2/setgid.2:53 build/C/man2/setpgid.2:195 build/C/man2/setresuid.2:64 build/C/man2/setreuid.2:93 build/C/man2/setsid.2:51 build/C/man2/setuid.2:70 build/C/man3/ulimit.3:67
105 #: build/C/man2/acct.2:65 build/C/man2/capget.2:165 build/C/man2/getresuid.2:55 build/C/man2/getrusage.2:193 build/C/man2/iopl.2:71 build/C/man2/seteuid.2:72 build/C/man2/setgid.2:58 build/C/man2/setresuid.2:69 build/C/man2/setreuid.2:98 build/C/man2/setuid.2:75
107 "On success, zero is returned. On error, -1 is returned, and I<errno> is set "
112 #: build/C/man2/acct.2:65 build/C/man2/capget.2:179 build/C/man7/cpuset.7:1100 build/C/man2/getgid.2:42 build/C/man2/getgroups.2:106 build/C/man2/getpid.2:44 build/C/man2/getpriority.2:120 build/C/man2/getresuid.2:55 build/C/man2/getrlimit.2:440 build/C/man2/getrusage.2:193 build/C/man2/getsid.2:63 build/C/man2/getuid.2:43 build/C/man2/iopl.2:71 build/C/man2/ioprio_set.2:169 build/C/man2/seteuid.2:72 build/C/man2/setgid.2:58 build/C/man2/setpgid.2:216 build/C/man2/setresuid.2:69 build/C/man2/setreuid.2:98 build/C/man2/setsid.2:58 build/C/man2/setuid.2:75 build/C/man3/ulimit.3:74
118 #: build/C/man2/acct.2:66 build/C/man7/cpuset.7:1116 build/C/man7/cpuset.7:1123 build/C/man7/cpuset.7:1129 build/C/man7/cpuset.7:1137 build/C/man7/cpuset.7:1144 build/C/man2/getpriority.2:140 build/C/man2/setpgid.2:217
124 #: build/C/man2/acct.2:77
126 "Write permission is denied for the specified file, or search permission is "
127 "denied for one of the directories in the path prefix of I<filename> (see "
128 "also B<path_resolution>(7)), or I<filename> is not a regular file."
132 #: build/C/man2/acct.2:77 build/C/man2/capget.2:180 build/C/man7/cpuset.7:1172 build/C/man2/getgroups.2:107 build/C/man2/getresuid.2:56 build/C/man2/getrlimit.2:441 build/C/man2/getrusage.2:194
138 #: build/C/man2/acct.2:81
139 msgid "I<filename> points outside your accessible address space."
143 #: build/C/man2/acct.2:81 build/C/man7/cpuset.7:1238 build/C/man7/cpuset.7:1246
149 #: build/C/man2/acct.2:85
150 msgid "Error writing to the file I<filename>."
154 #: build/C/man2/acct.2:85
160 #: build/C/man2/acct.2:89
161 msgid "I<filename> is a directory."
165 #: build/C/man2/acct.2:89
171 #: build/C/man2/acct.2:93
172 msgid "Too many symbolic links were encountered in resolving I<filename>."
176 #: build/C/man2/acct.2:93 build/C/man7/cpuset.7:1251 build/C/man7/cpuset.7:1258 build/C/man7/cpuset.7:1263
178 msgid "B<ENAMETOOLONG>"
182 #: build/C/man2/acct.2:97
183 msgid "I<filename> was too long."
187 #: build/C/man2/acct.2:97
193 #: build/C/man2/acct.2:100
194 msgid "The system limit on the total number of open files has been reached."
198 #: build/C/man2/acct.2:100 build/C/man7/cpuset.7:1275 build/C/man7/cpuset.7:1280
204 #: build/C/man2/acct.2:103
205 msgid "The specified filename does not exist."
209 #: build/C/man2/acct.2:103 build/C/man7/cpuset.7:1287 build/C/man2/getgroups.2:127
215 #: build/C/man2/acct.2:106 build/C/man2/getgroups.2:130
216 msgid "Out of memory."
220 #: build/C/man2/acct.2:106 build/C/man2/iopl.2:76
226 #: build/C/man2/acct.2:112
228 "BSD process accounting has not been enabled when the operating system kernel "
229 "was compiled. The kernel configuration parameter controlling this feature "
230 "is B<CONFIG_BSD_PROCESS_ACCT>."
234 #: build/C/man2/acct.2:112 build/C/man7/cpuset.7:1314
240 #: build/C/man2/acct.2:117
241 msgid "A component used as a directory in I<filename> is not in fact a directory."
245 #: build/C/man2/acct.2:117 build/C/man2/capget.2:191 build/C/man2/capget.2:196 build/C/man7/cpuset.7:1319 build/C/man2/getgroups.2:130 build/C/man2/getpriority.2:152 build/C/man2/getrlimit.2:457 build/C/man2/getsid.2:64 build/C/man2/iopl.2:79 build/C/man2/ioprio_set.2:179 build/C/man2/seteuid.2:75 build/C/man2/setgid.2:59 build/C/man2/setpgid.2:231 build/C/man2/setresuid.2:77 build/C/man2/setreuid.2:99 build/C/man2/setsid.2:59 build/C/man2/setuid.2:85 build/C/man3/ulimit.3:75
251 #: build/C/man2/acct.2:123
253 "The calling process has insufficient privilege to enable process "
254 "accounting. On Linux the B<CAP_SYS_PACCT> capability is required."
258 #: build/C/man2/acct.2:123
264 #: build/C/man2/acct.2:127
265 msgid "I<filename> refers to a file on a read-only filesystem."
269 #: build/C/man2/acct.2:127
275 #: build/C/man2/acct.2:130
276 msgid "There are no more free file structures or we ran out of memory."
280 #: build/C/man2/acct.2:130 build/C/man5/acct.5:153 build/C/man7/capabilities.7:1100 build/C/man2/capget.2:218 build/C/man7/credentials.7:287 build/C/man2/getgid.2:44 build/C/man2/getgroups.2:133 build/C/man2/getpid.2:46 build/C/man2/getpriority.2:160 build/C/man2/getresuid.2:67 build/C/man2/getrlimit.2:478 build/C/man2/getrusage.2:202 build/C/man2/getsid.2:79 build/C/man2/getuid.2:45 build/C/man2/iopl.2:87 build/C/man2/ioprio_set.2:196 build/C/man2/ipc.2:45 build/C/man2/seteuid.2:91 build/C/man2/setfsgid.2:75 build/C/man2/setfsuid.2:75 build/C/man2/setgid.2:66 build/C/man2/setpgid.2:250 build/C/man2/setresuid.2:83 build/C/man2/setreuid.2:115 build/C/man2/setsid.2:65 build/C/man2/setuid.2:92 build/C/man3/ulimit.3:78
282 msgid "CONFORMING TO"
285 #. SVr4 documents an EBUSY error condition, but no EISDIR or ENOSYS.
286 #. Also AIX and HP-UX document EBUSY (attempt is made
287 #. to enable accounting when it is already enabled), as does Solaris
288 #. (attempt is made to enable accounting using the same file that is
289 #. currently being used).
291 #: build/C/man2/acct.2:137
292 msgid "SVr4, 4.3BSD (but not POSIX)."
296 #: build/C/man2/acct.2:137 build/C/man5/acct.5:157 build/C/man7/capabilities.7:1106 build/C/man2/capget.2:220 build/C/man7/cpuset.7:1341 build/C/man7/credentials.7:293 build/C/man2/getgid.2:46 build/C/man2/getgroups.2:141 build/C/man2/getpid.2:48 build/C/man2/getpriority.2:163 build/C/man2/getresuid.2:70 build/C/man2/getrlimit.2:501 build/C/man2/getrusage.2:213 build/C/man2/getsid.2:81 build/C/man2/getuid.2:47 build/C/man2/iopl.2:91 build/C/man2/ioprio_set.2:198 build/C/man2/ipc.2:49 build/C/man2/seteuid.2:93 build/C/man2/setfsgid.2:79 build/C/man2/setfsuid.2:79 build/C/man2/setgid.2:68 build/C/man2/setpgid.2:272 build/C/man2/setresuid.2:86 build/C/man2/setreuid.2:121 build/C/man2/setsid.2:67 build/C/man2/setuid.2:97
302 #: build/C/man2/acct.2:140
304 "No accounting is produced for programs running when a system crash occurs. "
305 "In particular, nonterminating processes are never accounted for."
309 #: build/C/man2/acct.2:143
311 "The structure of the records written to the accounting file is described in "
316 #: build/C/man2/acct.2:143 build/C/man5/acct.5:174 build/C/man7/capabilities.7:1162 build/C/man2/capget.2:228 build/C/man7/cpuset.7:1488 build/C/man7/credentials.7:304 build/C/man2/getgid.2:62 build/C/man2/getgroups.2:178 build/C/man2/getpid.2:100 build/C/man2/getpriority.2:232 build/C/man2/getresuid.2:86 build/C/man2/getrlimit.2:666 build/C/man2/getrusage.2:253 build/C/man2/getsid.2:84 build/C/man2/getuid.2:73 build/C/man2/iopl.2:100 build/C/man2/ioprio_set.2:346 build/C/man2/ipc.2:57 build/C/man2/seteuid.2:124 build/C/man2/setfsgid.2:123 build/C/man2/setfsuid.2:131 build/C/man2/setgid.2:78 build/C/man2/setpgid.2:340 build/C/man2/setresuid.2:106 build/C/man2/setreuid.2:161 build/C/man2/setsid.2:84 build/C/man2/setuid.2:120 build/C/man7/svipc.7:331 build/C/man3/ulimit.3:83
322 #: build/C/man2/acct.2:145
327 #: build/C/man2/acct.2:145 build/C/man5/acct.5:179 build/C/man7/capabilities.7:1183 build/C/man2/capget.2:232 build/C/man7/cpuset.7:1506 build/C/man7/credentials.7:336 build/C/man2/getgid.2:67 build/C/man2/getgroups.2:185 build/C/man2/getpid.2:110 build/C/man2/getpriority.2:241 build/C/man2/getresuid.2:92 build/C/man2/getrlimit.2:684 build/C/man2/getrusage.2:260 build/C/man2/getsid.2:88 build/C/man2/getuid.2:78 build/C/man2/iopl.2:104 build/C/man2/ioprio_set.2:354 build/C/man2/ipc.2:70 build/C/man2/seteuid.2:131 build/C/man2/setfsgid.2:128 build/C/man2/setfsuid.2:136 build/C/man2/setgid.2:84 build/C/man2/setpgid.2:347 build/C/man2/setresuid.2:115 build/C/man2/setreuid.2:169 build/C/man2/setsid.2:91 build/C/man2/setuid.2:127 build/C/man7/svipc.7:348 build/C/man3/ulimit.3:88
333 #: build/C/man2/acct.2:153 build/C/man5/acct.5:187 build/C/man7/capabilities.7:1191 build/C/man2/capget.2:240 build/C/man7/cpuset.7:1514 build/C/man7/credentials.7:344 build/C/man2/getgid.2:75 build/C/man2/getgroups.2:193 build/C/man2/getpid.2:118 build/C/man2/getpriority.2:249 build/C/man2/getresuid.2:100 build/C/man2/getrlimit.2:692 build/C/man2/getrusage.2:268 build/C/man2/getsid.2:96 build/C/man2/getuid.2:86 build/C/man2/iopl.2:112 build/C/man2/ioprio_set.2:362 build/C/man2/ipc.2:78 build/C/man2/seteuid.2:139 build/C/man2/setfsgid.2:136 build/C/man2/setfsuid.2:144 build/C/man2/setgid.2:92 build/C/man2/setpgid.2:355 build/C/man2/setresuid.2:123 build/C/man2/setreuid.2:177 build/C/man2/setsid.2:99 build/C/man2/setuid.2:135 build/C/man7/svipc.7:356 build/C/man3/ulimit.3:96
335 "This page is part of release 3.68 of the Linux I<man-pages> project. A "
336 "description of the project, information about reporting bugs, and the latest "
337 "version of this page, can be found at "
338 "\\%http://www.kernel.org/doc/man-pages/."
342 #: build/C/man5/acct.5:25
348 #: build/C/man5/acct.5:28
349 msgid "acct - process accounting file"
353 #: build/C/man5/acct.5:30
354 msgid "B<#include E<lt>sys/acct.hE<gt>>"
358 #: build/C/man5/acct.5:36
360 "If the kernel is built with the process accounting option enabled "
361 "(B<CONFIG_BSD_PROCESS_ACCT>), then calling B<acct>(2) starts process "
362 "accounting, for example:"
366 #: build/C/man5/acct.5:39
367 msgid "acct(\"/var/log/pacct\");"
371 #: build/C/man5/acct.5:47
373 "When process accounting is enabled, the kernel writes a record to the "
374 "accounting file as each process on the system terminates. This record "
375 "contains information about the terminated process, and is defined in "
376 "I<E<lt>sys/acct.hE<gt>> as follows:"
380 #: build/C/man5/acct.5:51
382 msgid "#define ACCT_COMM 16\n"
386 #: build/C/man5/acct.5:53
388 msgid "typedef u_int16_t comp_t;\n"
392 #: build/C/man5/acct.5:77
396 " char ac_flag; /* Accounting flags */\n"
397 " u_int16_t ac_uid; /* Accounting user ID */\n"
398 " u_int16_t ac_gid; /* Accounting group ID */\n"
399 " u_int16_t ac_tty; /* Controlling terminal */\n"
400 " u_int32_t ac_btime; /* Process creation time\n"
401 " (seconds since the Epoch) */\n"
402 " comp_t ac_utime; /* User CPU time */\n"
403 " comp_t ac_stime; /* System CPU time */\n"
404 " comp_t ac_etime; /* Elapsed time */\n"
405 " comp_t ac_mem; /* Average memory usage (kB) */\n"
406 " comp_t ac_io; /* Characters transferred (unused) */\n"
407 " comp_t ac_rw; /* Blocks read or written (unused) */\n"
408 " comp_t ac_minflt; /* Minor page faults */\n"
409 " comp_t ac_majflt; /* Major page faults */\n"
410 " comp_t ac_swaps; /* Number of swaps (unused) */\n"
411 " u_int32_t ac_exitcode; /* Process termination status\n"
412 " (see wait(2)) */\n"
413 " char ac_comm[ACCT_COMM+1];\n"
414 " /* Command name (basename of last\n"
415 " executed command; null-terminated) */\n"
416 " char ac_pad[I<X>]; /* padding bytes */\n"
421 #: build/C/man5/acct.5:84
424 "enum { /* Bits that may be set in ac_flag field */\n"
425 " AFORK = 0x01, /* Has executed fork, but no exec */\n"
426 " ASU = 0x02, /* Used superuser privileges */\n"
427 " ACORE = 0x08, /* Dumped core */\n"
428 " AXSIG = 0x10 /* Killed by a signal */\n"
433 #: build/C/man5/acct.5:94
435 "The I<comp_t> data type is a floating-point value consisting of a 3-bit, "
436 "base-8 exponent, and a 13-bit mantissa. A value, I<c>, of this type can be "
437 "converted to a (long) integer as follows:"
441 #: build/C/man5/acct.5:97
443 msgid " v = (c & 0x1fff) E<lt>E<lt> (((c E<gt>E<gt> 13) & 0x7) * 3);\n"
447 #: build/C/man5/acct.5:107
449 "The I<ac_utime>, I<ac_stime>, and I<ac_etime> fields measure time in \"clock "
450 "ticks\"; divide these values by I<sysconf(_SC_CLK_TCK)> to convert them to "
455 #: build/C/man5/acct.5:107
457 msgid "Version 3 accounting file format"
461 #: build/C/man5/acct.5:122
463 "Since kernel 2.6.8, an optional alternative version of the accounting file "
464 "can be produced if the B<CONFIG_BSD_PROCESS_ACCT_V3> option is set when "
465 "building the kernel. With this option is set, the records written to the "
466 "accounting file contain additional fields, and the width of I<c_uid> and "
467 "I<ac_gid> fields is widened from 16 to 32 bits (in line with the increased "
468 "size of UID and GIDs in Linux 2.4 and later). The records are defined as "
473 #: build/C/man5/acct.5:147
477 " char ac_flag; /* Flags */\n"
478 " char ac_version; /* Always set to ACCT_VERSION (3) */\n"
479 " u_int16_t ac_tty; /* Controlling terminal */\n"
480 " u_int32_t ac_exitcode; /* Process termination status */\n"
481 " u_int32_t ac_uid; /* Real user ID */\n"
482 " u_int32_t ac_gid; /* Real group ID */\n"
483 " u_int32_t ac_pid; /* Process ID */\n"
484 " u_int32_t ac_ppid; /* Parent process ID */\n"
485 " u_int32_t ac_btime; /* Process creation time */\n"
486 " float ac_etime; /* Elapsed time */\n"
487 " comp_t ac_utime; /* User CPU time */\n"
488 " comp_t ac_stime; /* System time */\n"
489 " comp_t ac_mem; /* Average memory usage (kB) */\n"
490 " comp_t ac_io; /* Characters transferred (unused) */\n"
491 " comp_t ac_rw; /* Blocks read or written\n"
493 " comp_t ac_minflt; /* Minor page faults */\n"
494 " comp_t ac_majflt; /* Major page faults */\n"
495 " comp_t ac_swaps; /* Number of swaps (unused) */\n"
496 " char ac_comm[ACCT_COMM]; /* Command name */\n"
501 #: build/C/man5/acct.5:149 build/C/man7/cpuset.7:1338 build/C/man2/getresuid.2:60 build/C/man2/getrlimit.2:473 build/C/man2/getsid.2:75 build/C/man2/ioprio_set.2:193 build/C/man2/setfsgid.2:71 build/C/man2/setfsuid.2:71 build/C/man2/setresuid.2:81
507 #: build/C/man5/acct.5:153
508 msgid "The I<acct_v3> structure is defined in glibc since version 2.6."
512 #: build/C/man5/acct.5:157
514 "Process accounting originated on BSD. Although it is present on most "
515 "systems, it is not standardized, and the details vary somewhat between "
520 #: build/C/man5/acct.5:160
522 "Records in the accounting file are ordered by termination time of the "
527 #: build/C/man5/acct.5:167
529 "In kernels up to and including 2.6.9, a separate accounting record is "
530 "written for each thread created using the NPTL threading library; since "
531 "Linux 2.6.10, a single accounting record is written for the entire process "
532 "on termination of the last thread in the process."
536 #: build/C/man5/acct.5:174
538 "The I<proc/sys/kernel/acct> file, described in B<proc>(5), defines settings "
539 "that control the behavior of process accounting when disk space runs low."
543 #: build/C/man5/acct.5:179
544 msgid "B<lastcomm>(1), B<acct>(2), B<accton>(8), B<sa>(8)"
548 #: build/C/man7/capabilities.7:48
554 #: build/C/man7/capabilities.7:48 build/C/man7/cpuset.7:25 build/C/man7/credentials.7:27
560 #: build/C/man7/capabilities.7:51
561 msgid "capabilities - overview of Linux capabilities"
565 #: build/C/man7/capabilities.7:63
567 "For the purpose of performing permission checks, traditional UNIX "
568 "implementations distinguish two categories of processes: I<privileged> "
569 "processes (whose effective user ID is 0, referred to as superuser or root), "
570 "and I<unprivileged> processes (whose effective UID is nonzero). Privileged "
571 "processes bypass all kernel permission checks, while unprivileged processes "
572 "are subject to full permission checking based on the process's credentials "
573 "(usually: effective UID, effective GID, and supplementary group list)."
577 #: build/C/man7/capabilities.7:70
579 "Starting with kernel 2.2, Linux divides the privileges traditionally "
580 "associated with superuser into distinct units, known as I<capabilities>, "
581 "which can be independently enabled and disabled. Capabilities are a "
582 "per-thread attribute."
586 #: build/C/man7/capabilities.7:70
588 msgid "Capabilities list"
592 #: build/C/man7/capabilities.7:73
594 "The following list shows the capabilities implemented on Linux, and the "
595 "operations or behaviors that each capability permits:"
599 #: build/C/man7/capabilities.7:73
601 msgid "B<CAP_AUDIT_CONTROL> (since Linux 2.6.11)"
605 #: build/C/man7/capabilities.7:77
607 "Enable and disable kernel auditing; change auditing filter rules; retrieve "
608 "auditing status and filtering rules."
612 #: build/C/man7/capabilities.7:77
614 msgid "B<CAP_AUDIT_WRITE> (since Linux 2.6.11)"
618 #: build/C/man7/capabilities.7:80
619 msgid "Write records to kernel auditing log."
623 #: build/C/man7/capabilities.7:80
625 msgid "B<CAP_BLOCK_SUSPEND> (since Linux 3.5)"
629 #: build/C/man7/capabilities.7:86
631 "Employ features that can block system suspend (B<epoll>(7) B<EPOLLWAKEUP>, "
632 "I</proc/sys/wake_lock>)."
636 #: build/C/man7/capabilities.7:86
642 #: build/C/man7/capabilities.7:90
643 msgid "Make arbitrary changes to file UIDs and GIDs (see B<chown>(2))."
647 #: build/C/man7/capabilities.7:90
649 msgid "B<CAP_DAC_OVERRIDE>"
653 #: build/C/man7/capabilities.7:94
655 "Bypass file read, write, and execute permission checks. (DAC is an "
656 "abbreviation of \"discretionary access control\".)"
660 #: build/C/man7/capabilities.7:94
662 msgid "B<CAP_DAC_READ_SEARCH>"
666 #: build/C/man7/capabilities.7:98 build/C/man7/capabilities.7:101 build/C/man7/capabilities.7:111 build/C/man7/capabilities.7:121 build/C/man7/capabilities.7:125 build/C/man7/capabilities.7:127 build/C/man7/capabilities.7:129 build/C/man7/capabilities.7:199 build/C/man7/capabilities.7:201 build/C/man7/capabilities.7:203 build/C/man7/capabilities.7:205 build/C/man7/capabilities.7:207 build/C/man7/capabilities.7:209 build/C/man7/capabilities.7:211 build/C/man7/capabilities.7:213 build/C/man7/capabilities.7:215 build/C/man7/capabilities.7:239 build/C/man7/capabilities.7:241 build/C/man7/capabilities.7:287 build/C/man7/capabilities.7:297 build/C/man7/capabilities.7:303 build/C/man7/capabilities.7:308 build/C/man7/capabilities.7:314 build/C/man7/capabilities.7:318 build/C/man7/capabilities.7:325 build/C/man7/capabilities.7:328 build/C/man7/capabilities.7:336 build/C/man7/capabilities.7:338 build/C/man7/capabilities.7:347 build/C/man7/capabilities.7:354 build/C/man7/capabilities.7:357 build/C/man7/capabilities.7:361 build/C/man7/capabilities.7:364 build/C/man7/capabilities.7:367 build/C/man7/capabilities.7:374 build/C/man7/capabilities.7:379 build/C/man7/capabilities.7:385 build/C/man7/capabilities.7:389 build/C/man7/capabilities.7:393 build/C/man7/capabilities.7:397 build/C/man7/capabilities.7:401 build/C/man7/capabilities.7:428 build/C/man7/capabilities.7:433 build/C/man7/capabilities.7:439 build/C/man7/capabilities.7:442 build/C/man7/capabilities.7:445 build/C/man7/capabilities.7:454 build/C/man7/capabilities.7:458 build/C/man7/capabilities.7:475 build/C/man7/capabilities.7:478 build/C/man7/capabilities.7:482 build/C/man7/capabilities.7:487 build/C/man7/capabilities.7:496 build/C/man7/capabilities.7:501 build/C/man7/capabilities.7:504 build/C/man7/capabilities.7:509 build/C/man7/capabilities.7:512 build/C/man7/capabilities.7:515 build/C/man7/capabilities.7:518 build/C/man7/capabilities.7:521 build/C/man7/capabilities.7:526 build/C/man7/capabilities.7:528 build/C/man7/capabilities.7:534 build/C/man7/capabilities.7:542 build/C/man7/capabilities.7:544 build/C/man7/capabilities.7:548 build/C/man7/capabilities.7:550 build/C/man7/capabilities.7:553 build/C/man7/capabilities.7:557 build/C/man7/capabilities.7:559 build/C/man7/capabilities.7:561 build/C/man7/capabilities.7:563 build/C/man7/capabilities.7:572 build/C/man7/capabilities.7:579 build/C/man7/capabilities.7:584 build/C/man7/capabilities.7:589 build/C/man7/capabilities.7:594 build/C/man7/capabilities.7:619 build/C/man7/capabilities.7:626 build/C/man7/capabilities.7:827 build/C/man7/capabilities.7:835 build/C/man7/capabilities.7:1151 build/C/man7/capabilities.7:1156 build/C/man7/cpuset.7:540 build/C/man7/cpuset.7:545 build/C/man7/cpuset.7:550 build/C/man7/cpuset.7:726 build/C/man7/cpuset.7:730 build/C/man7/cpuset.7:927 build/C/man7/cpuset.7:930 build/C/man7/cpuset.7:934 build/C/man7/cpuset.7:938 build/C/man7/cpuset.7:942 build/C/man7/credentials.7:177 build/C/man7/credentials.7:183 build/C/man7/credentials.7:195 build/C/man7/credentials.7:217 build/C/man7/credentials.7:234 build/C/man7/credentials.7:266 build/C/man7/credentials.7:269 build/C/man7/credentials.7:280 build/C/man7/credentials.7:283
672 #: build/C/man7/capabilities.7:101
674 "Bypass file read permission checks and directory read and execute permission "
679 #: build/C/man7/capabilities.7:104
680 msgid "Invoke B<open_by_handle_at>(2)."
684 #: build/C/man7/capabilities.7:107
686 msgid "B<CAP_FOWNER>"
690 #: build/C/man7/capabilities.7:121
692 "Bypass permission checks on operations that normally require the filesystem "
693 "UID of the process to match the UID of the file (e.g., B<chmod>(2), "
694 "B<utime>(2)), excluding those operations covered by B<CAP_DAC_OVERRIDE> and "
695 "B<CAP_DAC_READ_SEARCH>;"
699 #: build/C/man7/capabilities.7:125
700 msgid "set extended file attributes (see B<chattr>(1)) on arbitrary files;"
704 #: build/C/man7/capabilities.7:127
705 msgid "set Access Control Lists (ACLs) on arbitrary files;"
709 #: build/C/man7/capabilities.7:129
710 msgid "ignore directory sticky bit on file deletion;"
714 #: build/C/man7/capabilities.7:136
715 msgid "specify B<O_NOATIME> for arbitrary files in B<open>(2) and B<fcntl>(2)."
719 #: build/C/man7/capabilities.7:138
721 msgid "B<CAP_FSETID>"
725 #: build/C/man7/capabilities.7:144
727 "Don't clear set-user-ID and set-group-ID permission bits when a file is "
728 "modified; set the set-group-ID bit for a file whose GID does not match the "
729 "filesystem or any of the supplementary GIDs of the calling process."
733 #: build/C/man7/capabilities.7:144
735 msgid "B<CAP_IPC_LOCK>"
738 #. FIXME As at Linux 3.2, there are some strange uses of this capability
739 #. in other places; they probably should be replaced with something else.
741 #: build/C/man7/capabilities.7:153
742 msgid "Lock memory (B<mlock>(2), B<mlockall>(2), B<mmap>(2), B<shmctl>(2))."
746 #: build/C/man7/capabilities.7:153
748 msgid "B<CAP_IPC_OWNER>"
752 #: build/C/man7/capabilities.7:156
753 msgid "Bypass permission checks for operations on System V IPC objects."
757 #: build/C/man7/capabilities.7:156
762 #. FIXME CAP_KILL also has an effect for threads + setting child
763 #. termination signal to other than SIGCHLD: without this
764 #. capability, the termination signal reverts to SIGCHLD
765 #. if the child does an exec(). What is the rationale
768 #: build/C/man7/capabilities.7:169
770 "Bypass permission checks for sending signals (see B<kill>(2)). This "
771 "includes use of the B<ioctl>(2) B<KDSIGACCEPT> operation."
775 #: build/C/man7/capabilities.7:169
777 msgid "B<CAP_LEASE> (since Linux 2.4)"
781 #: build/C/man7/capabilities.7:173
782 msgid "Establish leases on arbitrary files (see B<fcntl>(2))."
786 #: build/C/man7/capabilities.7:173
788 msgid "B<CAP_LINUX_IMMUTABLE>"
791 #. These attributes are now available on ext2, ext3, Reiserfs, XFS, JFS
793 #: build/C/man7/capabilities.7:182
795 "Set the B<FS_APPEND_FL> and B<FS_IMMUTABLE_FL> i-node flags (see "
800 #: build/C/man7/capabilities.7:182
802 msgid "B<CAP_MAC_ADMIN> (since Linux 2.6.25)"
806 #: build/C/man7/capabilities.7:186
808 "Override Mandatory Access Control (MAC). Implemented for the Smack Linux "
809 "Security Module (LSM)."
813 #: build/C/man7/capabilities.7:186
815 msgid "B<CAP_MAC_OVERRIDE> (since Linux 2.6.25)"
819 #: build/C/man7/capabilities.7:190
820 msgid "Allow MAC configuration or state changes. Implemented for the Smack LSM."
824 #: build/C/man7/capabilities.7:190
826 msgid "B<CAP_MKNOD> (since Linux 2.4)"
830 #: build/C/man7/capabilities.7:194
831 msgid "Create special files using B<mknod>(2)."
835 #: build/C/man7/capabilities.7:194
837 msgid "B<CAP_NET_ADMIN>"
841 #: build/C/man7/capabilities.7:197
842 msgid "Perform various network-related operations:"
846 #: build/C/man7/capabilities.7:201
847 msgid "interface configuration;"
851 #: build/C/man7/capabilities.7:203
852 msgid "administration of IP firewall, masquerading, and accounting;"
856 #: build/C/man7/capabilities.7:205
857 msgid "modify routing tables;"
861 #: build/C/man7/capabilities.7:207
862 msgid "bind to any address for transparent proxying;"
866 #: build/C/man7/capabilities.7:209
867 msgid "set type-of-service (TOS)"
871 #: build/C/man7/capabilities.7:211
872 msgid "clear driver statistics;"
876 #: build/C/man7/capabilities.7:213
877 msgid "set promiscuous mode;"
881 #: build/C/man7/capabilities.7:215
882 msgid "enabling multicasting;"
886 #: build/C/man7/capabilities.7:226
888 "use B<setsockopt>(2) to set the following socket options: B<SO_DEBUG>, "
889 "B<SO_MARK>, B<SO_PRIORITY> (for a priority outside the range 0 to 6), "
890 "B<SO_RCVBUFFORCE>, and B<SO_SNDBUFFORCE>."
894 #: build/C/man7/capabilities.7:228
896 msgid "B<CAP_NET_BIND_SERVICE>"
900 #: build/C/man7/capabilities.7:232
902 "Bind a socket to Internet domain privileged ports (port numbers less than "
907 #: build/C/man7/capabilities.7:232
909 msgid "B<CAP_NET_BROADCAST>"
913 #: build/C/man7/capabilities.7:235
914 msgid "(Unused) Make socket broadcasts, and listen to multicasts."
918 #: build/C/man7/capabilities.7:235
920 msgid "B<CAP_NET_RAW>"
924 #: build/C/man7/capabilities.7:241
925 msgid "use RAW and PACKET sockets;"
929 #: build/C/man7/capabilities.7:243
930 msgid "bind to any address for transparent proxying."
934 #: build/C/man7/capabilities.7:246
936 msgid "B<CAP_SETGID>"
940 #: build/C/man7/capabilities.7:250
942 "Make arbitrary manipulations of process GIDs and supplementary GID list; "
943 "forge GID when passing socket credentials via UNIX domain sockets."
947 #: build/C/man7/capabilities.7:250
949 msgid "B<CAP_SETFCAP> (since Linux 2.6.24)"
953 #: build/C/man7/capabilities.7:253
954 msgid "Set file capabilities."
958 #: build/C/man7/capabilities.7:253
960 msgid "B<CAP_SETPCAP>"
964 #: build/C/man7/capabilities.7:264
966 "If file capabilities are not supported: grant or remove any capability in "
967 "the caller's permitted capability set to or from any other process. (This "
968 "property of B<CAP_SETPCAP> is not available when the kernel is configured to "
969 "support file capabilities, since B<CAP_SETPCAP> has entirely different "
970 "semantics for such kernels.)"
974 #: build/C/man7/capabilities.7:274
976 "If file capabilities are supported: add any capability from the calling "
977 "thread's bounding set to its inheritable set; drop capabilities from the "
978 "bounding set (via B<prctl>(2) B<PR_CAPBSET_DROP>); make changes to the "
979 "I<securebits> flags."
983 #: build/C/man7/capabilities.7:274
985 msgid "B<CAP_SETUID>"
988 #. FIXME CAP_SETUID also an effect in exec(); document this.
990 #: build/C/man7/capabilities.7:283
992 "Make arbitrary manipulations of process UIDs (B<setuid>(2), B<setreuid>(2), "
993 "B<setresuid>(2), B<setfsuid>(2)); make forged UID when passing socket "
994 "credentials via UNIX domain sockets."
998 #: build/C/man7/capabilities.7:283
1000 msgid "B<CAP_SYS_ADMIN>"
1004 #: build/C/man7/capabilities.7:297
1006 "Perform a range of system administration operations including: "
1007 "B<quotactl>(2), B<mount>(2), B<umount>(2), B<swapon>(2), B<swapoff>(2), "
1008 "B<sethostname>(2), and B<setdomainname>(2);"
1012 #: build/C/man7/capabilities.7:303
1014 "perform privileged B<syslog>(2) operations (since Linux 2.6.37, "
1015 "B<CAP_SYSLOG> should be used to permit such operations);"
1019 #: build/C/man7/capabilities.7:308
1020 msgid "perform B<VM86_REQUEST_IRQ> B<vm86>(2) command;"
1024 #: build/C/man7/capabilities.7:314
1026 "perform B<IPC_SET> and B<IPC_RMID> operations on arbitrary System V IPC "
1031 #: build/C/man7/capabilities.7:318 build/C/man7/capabilities.7:557
1032 msgid "override B<RLIMIT_NPROC> resource limit;"
1036 #: build/C/man7/capabilities.7:325
1038 "perform operations on I<trusted> and I<security> Extended Attributes (see "
1043 #: build/C/man7/capabilities.7:328
1044 msgid "use B<lookup_dcookie>(2);"
1048 #: build/C/man7/capabilities.7:336
1050 "use B<ioprio_set>(2) to assign B<IOPRIO_CLASS_RT> and (before Linux 2.6.25) "
1051 "B<IOPRIO_CLASS_IDLE> I/O scheduling classes;"
1055 #: build/C/man7/capabilities.7:338
1056 msgid "forge UID when passing socket credentials;"
1060 #: build/C/man7/capabilities.7:347
1062 "exceed I</proc/sys/fs/file-max>, the system-wide limit on the number of open "
1063 "files, in system calls that open files (e.g., B<accept>(2), B<execve>(2), "
1064 "B<open>(2), B<pipe>(2));"
1068 #: build/C/man7/capabilities.7:354
1070 "employ B<CLONE_*> flags that create new namespaces with B<clone>(2) and "
1075 #: build/C/man7/capabilities.7:357
1076 msgid "call B<perf_event_open>(2);"
1080 #: build/C/man7/capabilities.7:361
1081 msgid "access privileged I<perf> event information;"
1085 #: build/C/man7/capabilities.7:364
1086 msgid "call B<setns>(2);"
1090 #: build/C/man7/capabilities.7:367
1091 msgid "call B<fanotify_init>(2);"
1095 #: build/C/man7/capabilities.7:374
1096 msgid "perform B<KEYCTL_CHOWN> and B<KEYCTL_SETPERM> B<keyctl>(2) operations;"
1100 #: build/C/man7/capabilities.7:379
1101 msgid "perform B<madvise>(2) B<MADV_HWPOISON> operation;"
1105 #: build/C/man7/capabilities.7:385
1107 "employ the B<TIOCSTI> B<ioctl>(2) to insert characters into the input queue "
1108 "of a terminal other than the caller's controlling terminal;"
1112 #: build/C/man7/capabilities.7:389
1113 msgid "employ the obsolete B<nfsservctl>(2) system call;"
1117 #: build/C/man7/capabilities.7:393
1118 msgid "employ the obsolete B<bdflush>(2) system call;"
1122 #: build/C/man7/capabilities.7:397
1123 msgid "perform various privileged block-device B<ioctl>(2) operations;"
1127 #: build/C/man7/capabilities.7:401
1128 msgid "perform various privileged filesystem B<ioctl>(2) operations;"
1132 #: build/C/man7/capabilities.7:403
1133 msgid "perform administrative operations on many device drivers."
1137 #: build/C/man7/capabilities.7:405
1139 msgid "B<CAP_SYS_BOOT>"
1143 #: build/C/man7/capabilities.7:411
1144 msgid "Use B<reboot>(2) and B<kexec_load>(2)."
1148 #: build/C/man7/capabilities.7:411
1150 msgid "B<CAP_SYS_CHROOT>"
1154 #: build/C/man7/capabilities.7:415
1155 msgid "Use B<chroot>(2)."
1159 #: build/C/man7/capabilities.7:415
1161 msgid "B<CAP_SYS_MODULE>"
1165 #: build/C/man7/capabilities.7:424
1167 "Load and unload kernel modules (see B<init_module>(2) and "
1168 "B<delete_module>(2)); in kernels before 2.6.25: drop capabilities from the "
1169 "system-wide capability bounding set."
1173 #: build/C/man7/capabilities.7:424
1175 msgid "B<CAP_SYS_NICE>"
1179 #: build/C/man7/capabilities.7:433
1181 "Raise process nice value (B<nice>(2), B<setpriority>(2)) and change the "
1182 "nice value for arbitrary processes;"
1186 #: build/C/man7/capabilities.7:439
1188 "set real-time scheduling policies for calling process, and set scheduling "
1189 "policies and priorities for arbitrary processes (B<sched_setscheduler>(2), "
1190 "B<sched_setparam>(2), B<shed_setattr>(2));"
1194 #: build/C/man7/capabilities.7:442
1195 msgid "set CPU affinity for arbitrary processes (B<sched_setaffinity>(2));"
1199 #: build/C/man7/capabilities.7:445
1201 "set I/O scheduling class and priority for arbitrary processes "
1202 "(B<ioprio_set>(2));"
1205 #. FIXME CAP_SYS_NICE also has the following effect for
1206 #. migrate_pages(2):
1207 #. do_migrate_pages(mm, &old, &new,
1208 #. capable(CAP_SYS_NICE) ? MPOL_MF_MOVE_ALL : MPOL_MF_MOVE);
1210 #: build/C/man7/capabilities.7:454
1212 "apply B<migrate_pages>(2) to arbitrary processes and allow processes to be "
1213 "migrated to arbitrary nodes;"
1217 #: build/C/man7/capabilities.7:458
1218 msgid "apply B<move_pages>(2) to arbitrary processes;"
1222 #: build/C/man7/capabilities.7:465
1223 msgid "use the B<MPOL_MF_MOVE_ALL> flag with B<mbind>(2) and B<move_pages>(2)."
1227 #: build/C/man7/capabilities.7:467
1229 msgid "B<CAP_SYS_PACCT>"
1233 #: build/C/man7/capabilities.7:471
1234 msgid "Use B<acct>(2)."
1238 #: build/C/man7/capabilities.7:471
1240 msgid "B<CAP_SYS_PTRACE>"
1244 #: build/C/man7/capabilities.7:478
1245 msgid "Trace arbitrary processes using B<ptrace>(2);"
1249 #: build/C/man7/capabilities.7:482
1250 msgid "apply B<get_robust_list>(2) to arbitrary processes;"
1254 #: build/C/man7/capabilities.7:487
1256 "transfer data to or from the memory of arbitrary processes using "
1257 "B<process_vm_readv>(2) and B<process_vm_writev>(2)."
1261 #: build/C/man7/capabilities.7:490
1262 msgid "inspect processes using B<kcmp>(2)."
1266 #: build/C/man7/capabilities.7:492
1268 msgid "B<CAP_SYS_RAWIO>"
1272 #: build/C/man7/capabilities.7:501
1273 msgid "Perform I/O port operations (B<iopl>(2) and B<ioperm>(2));"
1277 #: build/C/man7/capabilities.7:504
1278 msgid "access I</proc/kcore>;"
1282 #: build/C/man7/capabilities.7:509
1283 msgid "employ the B<FIBMAP> B<ioctl>(2) operation;"
1287 #: build/C/man7/capabilities.7:512
1289 "open devices for accessing x86 model-specific registers (MSRs, see "
1294 #: build/C/man7/capabilities.7:515
1295 msgid "update I</proc/sys/vm/mmap_min_addr>;"
1299 #: build/C/man7/capabilities.7:518
1301 "create memory mappings at addresses below the value specified by "
1302 "I</proc/sys/vm/mmap_min_addr>;"
1306 #: build/C/man7/capabilities.7:521
1307 msgid "map files in I</proc/bus/pci>;"
1311 #: build/C/man7/capabilities.7:526
1312 msgid "open I</dev/mem> and I</dev/kmem>;"
1316 #: build/C/man7/capabilities.7:528
1317 msgid "perform various SCSI device commands;"
1321 #: build/C/man7/capabilities.7:534
1322 msgid "perform certain operations on B<hpsa>(4) and B<cciss>(4) devices;"
1326 #: build/C/man7/capabilities.7:536
1327 msgid "perform a range of device-specific operations on other devices."
1331 #: build/C/man7/capabilities.7:538
1333 msgid "B<CAP_SYS_RESOURCE>"
1337 #: build/C/man7/capabilities.7:544
1338 msgid "Use reserved space on ext2 filesystems;"
1342 #: build/C/man7/capabilities.7:548
1343 msgid "make B<ioctl>(2) calls controlling ext3 journaling;"
1347 #: build/C/man7/capabilities.7:550
1348 msgid "override disk quota limits;"
1352 #: build/C/man7/capabilities.7:553
1353 msgid "increase resource limits (see B<setrlimit>(2));"
1357 #: build/C/man7/capabilities.7:559
1358 msgid "override maximum number of consoles on console allocation;"
1362 #: build/C/man7/capabilities.7:561
1363 msgid "override maximum number of keymaps;"
1367 #: build/C/man7/capabilities.7:563
1368 msgid "allow more than 64hz interrupts from the real-time clock;"
1372 #: build/C/man7/capabilities.7:572
1374 "raise I<msg_qbytes> limit for a System V message queue above the limit in "
1375 "I</proc/sys/kernel/msgmnb> (see B<msgop>(2) and B<msgctl>(2));"
1379 #: build/C/man7/capabilities.7:579
1381 "override the I</proc/sys/fs/pipe-size-max> limit when setting the capacity "
1382 "of a pipe using the B<F_SETPIPE_SZ> B<fcntl>(2) command."
1386 #: build/C/man7/capabilities.7:584
1388 "use B<F_SETPIPE_SZ> to increase the capacity of a pipe above the limit "
1389 "specified by I</proc/sys/fs/pipe-max-size>;"
1393 #: build/C/man7/capabilities.7:589
1395 "override I</proc/sys/fs/mqueue/queues_max> limit when creating POSIX message "
1396 "queues (see B<mq_overview>(7));"
1400 #: build/C/man7/capabilities.7:594
1401 msgid "employ B<prctl>(2) B<PR_SET_MM> operation;"
1405 #: build/C/man7/capabilities.7:599
1407 "set I</proc/PID/oom_score_adj> to a value lower than the value last set by a "
1408 "process with B<CAP_SYS_RESOURCE>."
1412 #: build/C/man7/capabilities.7:601
1414 msgid "B<CAP_SYS_TIME>"
1418 #: build/C/man7/capabilities.7:608
1420 "Set system clock (B<settimeofday>(2), B<stime>(2), B<adjtimex>(2)); set "
1421 "real-time (hardware) clock."
1425 #: build/C/man7/capabilities.7:608
1427 msgid "B<CAP_SYS_TTY_CONFIG>"
1431 #: build/C/man7/capabilities.7:615
1433 "Use B<vhangup>(2); employ various privileged B<ioctl>(2) operations on "
1434 "virtual terminals."
1438 #: build/C/man7/capabilities.7:615
1440 msgid "B<CAP_SYSLOG> (since Linux 2.6.37)"
1444 #: build/C/man7/capabilities.7:626
1446 "Perform privileged B<syslog>(2) operations. See B<syslog>(2) for "
1447 "information on which operations require privilege."
1451 #: build/C/man7/capabilities.7:636
1453 "View kernel addresses exposed via I</proc> and other interfaces when "
1454 "I</proc/sys/kernel/kptr_restrict> has the value 1. (See the discussion of "
1455 "the I<kptr_restrict> in B<proc>(5).)"
1459 #: build/C/man7/capabilities.7:638
1461 msgid "B<CAP_WAKE_ALARM> (since Linux 3.0)"
1465 #: build/C/man7/capabilities.7:646
1467 "Trigger something that will wake up the system (set B<CLOCK_REALTIME_ALARM> "
1468 "and B<CLOCK_BOOTTIME_ALARM> timers)."
1472 #: build/C/man7/capabilities.7:646
1474 msgid "Past and current implementation"
1478 #: build/C/man7/capabilities.7:648
1479 msgid "A full implementation of capabilities requires that:"
1483 #: build/C/man7/capabilities.7:648 build/C/man7/capabilities.7:799 build/C/man7/capabilities.7:946 build/C/man7/capabilities.7:999
1489 #: build/C/man7/capabilities.7:652
1491 "For all privileged operations, the kernel must check whether the thread has "
1492 "the required capability in its effective set."
1496 #: build/C/man7/capabilities.7:652 build/C/man7/capabilities.7:804 build/C/man7/capabilities.7:952 build/C/man7/capabilities.7:1005
1502 #: build/C/man7/capabilities.7:655
1504 "The kernel must provide system calls allowing a thread's capability sets to "
1505 "be changed and retrieved."
1509 #: build/C/man7/capabilities.7:655 build/C/man7/capabilities.7:955 build/C/man7/capabilities.7:1009
1515 #: build/C/man7/capabilities.7:658
1517 "The filesystem must support attaching capabilities to an executable file, so "
1518 "that a process gains those capabilities when the file is executed."
1522 #: build/C/man7/capabilities.7:662
1524 "Before kernel 2.6.24, only the first two of these requirements are met; "
1525 "since kernel 2.6.24, all three requirements are met."
1529 #: build/C/man7/capabilities.7:662
1531 msgid "Thread capability sets"
1535 #: build/C/man7/capabilities.7:665
1537 "Each thread has three capability sets containing zero or more of the above "
1542 #: build/C/man7/capabilities.7:665
1544 msgid "I<Permitted>:"
1548 #: build/C/man7/capabilities.7:673
1550 "This is a limiting superset for the effective capabilities that the thread "
1551 "may assume. It is also a limiting superset for the capabilities that may be "
1552 "added to the inheritable set by a thread that does not have the "
1553 "B<CAP_SETPCAP> capability in its effective set."
1557 #: build/C/man7/capabilities.7:679
1559 "If a thread drops a capability from its permitted set, it can never "
1560 "reacquire that capability (unless it B<execve>(2)s either a set-user-ID-root "
1561 "program, or a program whose associated file capabilities grant that "
1566 #: build/C/man7/capabilities.7:679
1568 msgid "I<Inheritable>:"
1572 #: build/C/man7/capabilities.7:686
1574 "This is a set of capabilities preserved across an B<execve>(2). It provides "
1575 "a mechanism for a process to assign capabilities to the permitted set of the "
1576 "new program during an B<execve>(2)."
1580 #: build/C/man7/capabilities.7:686 build/C/man7/capabilities.7:736
1582 msgid "I<Effective>:"
1586 #: build/C/man7/capabilities.7:690
1588 "This is the set of capabilities used by the kernel to perform permission "
1589 "checks for the thread."
1593 #: build/C/man7/capabilities.7:696
1595 "A child created via B<fork>(2) inherits copies of its parent's capability "
1596 "sets. See below for a discussion of the treatment of capabilities during "
1601 #: build/C/man7/capabilities.7:700
1603 "Using B<capset>(2), a thread may manipulate its own capability sets (see "
1607 #. commit 73efc0394e148d0e15583e13712637831f926720
1609 #: build/C/man7/capabilities.7:709
1611 "Since Linux 3.2, the file I</proc/sys/kernel/cap_last_cap> exposes the "
1612 "numerical value of the highest capability supported by the running kernel; "
1613 "this can be used to determine the highest bit that may be set in a "
1618 #: build/C/man7/capabilities.7:709
1620 msgid "File capabilities"
1624 #: build/C/man7/capabilities.7:724
1626 "Since kernel 2.6.24, the kernel supports associating capability sets with an "
1627 "executable file using B<setcap>(8). The file capability sets are stored in "
1628 "an extended attribute (see B<setxattr>(2)) named I<security.capability>. "
1629 "Writing to this extended attribute requires the B<CAP_SETFCAP> capability. "
1630 "The file capability sets, in conjunction with the capability sets of the "
1631 "thread, determine the capabilities of a thread after an B<execve>(2)."
1635 #: build/C/man7/capabilities.7:726
1636 msgid "The three file capability sets are:"
1640 #: build/C/man7/capabilities.7:726
1642 msgid "I<Permitted> (formerly known as I<forced>):"
1646 #: build/C/man7/capabilities.7:730
1648 "These capabilities are automatically permitted to the thread, regardless of "
1649 "the thread's inheritable capabilities."
1653 #: build/C/man7/capabilities.7:730
1655 msgid "I<Inheritable> (formerly known as I<allowed>):"
1659 #: build/C/man7/capabilities.7:736
1661 "This set is ANDed with the thread's inheritable set to determine which "
1662 "inheritable capabilities are enabled in the permitted set of the thread "
1663 "after the B<execve>(2)."
1667 #: build/C/man7/capabilities.7:746
1669 "This is not a set, but rather just a single bit. If this bit is set, then "
1670 "during an B<execve>(2) all of the new permitted capabilities for the thread "
1671 "are also raised in the effective set. If this bit is not set, then after an "
1672 "B<execve>(2), none of the new permitted capabilities is in the new effective "
1677 #: build/C/man7/capabilities.7:762
1679 "Enabling the file effective capability bit implies that any file permitted "
1680 "or inheritable capability that causes a thread to acquire the corresponding "
1681 "permitted capability during an B<execve>(2) (see the transformation rules "
1682 "described below) will also acquire that capability in its effective set. "
1683 "Therefore, when assigning capabilities to a file (B<setcap>(8), "
1684 "B<cap_set_file>(3), B<cap_set_fd>(3)), if we specify the effective flag as "
1685 "being enabled for any capability, then the effective flag must also be "
1686 "specified as enabled for all other capabilities for which the corresponding "
1687 "permitted or inheritable flags is enabled."
1691 #: build/C/man7/capabilities.7:762
1693 msgid "Transformation of capabilities during execve()"
1697 #: build/C/man7/capabilities.7:768
1699 "During an B<execve>(2), the kernel calculates the new capabilities of the "
1700 "process using the following algorithm:"
1704 #: build/C/man7/capabilities.7:773
1707 "P'(permitted) = (P(inheritable) & F(inheritable)) |\n"
1708 " (F(permitted) & cap_bset)\n"
1712 #: build/C/man7/capabilities.7:775
1714 msgid "P'(effective) = F(effective) ? P'(permitted) : 0\n"
1718 #: build/C/man7/capabilities.7:777
1720 msgid "P'(inheritable) = P(inheritable) [i.e., unchanged]\n"
1724 #: build/C/man7/capabilities.7:781
1729 #: build/C/man7/capabilities.7:782
1735 #: build/C/man7/capabilities.7:785
1736 msgid "denotes the value of a thread capability set before the B<execve>(2)"
1740 #: build/C/man7/capabilities.7:785
1746 #: build/C/man7/capabilities.7:788
1747 msgid "denotes the value of a capability set after the B<execve>(2)"
1751 #: build/C/man7/capabilities.7:788
1757 #: build/C/man7/capabilities.7:790
1758 msgid "denotes a file capability set"
1762 #: build/C/man7/capabilities.7:790
1768 #: build/C/man7/capabilities.7:792
1769 msgid "is the value of the capability bounding set (described below)."
1773 #: build/C/man7/capabilities.7:794
1775 msgid "Capabilities and execution of programs by root"
1779 #: build/C/man7/capabilities.7:799
1781 "In order to provide an all-powerful I<root> using capability sets, during an "
1786 #: build/C/man7/capabilities.7:804
1788 "If a set-user-ID-root program is being executed, or the real user ID of the "
1789 "process is 0 (root) then the file inheritable and permitted sets are "
1790 "defined to be all ones (i.e., all capabilities enabled)."
1794 #: build/C/man7/capabilities.7:807
1796 "If a set-user-ID-root program is being executed, then the file effective bit "
1797 "is defined to be one (enabled)."
1800 #. If a process with real UID 0, and nonzero effective UID does an
1801 #. exec(), then it gets all capabilities in its
1802 #. permitted set, and no effective capabilities
1804 #: build/C/man7/capabilities.7:822
1806 "The upshot of the above rules, combined with the capabilities "
1807 "transformations described above, is that when a process B<execve>(2)s a "
1808 "set-user-ID-root program, or when a process with an effective UID of 0 "
1809 "B<execve>(2)s a program, it gains all capabilities in its permitted and "
1810 "effective capability sets, except those masked out by the capability "
1811 "bounding set. This provides semantics that are the same as those provided "
1812 "by traditional UNIX systems."
1816 #: build/C/man7/capabilities.7:822
1818 msgid "Capability bounding set"
1822 #: build/C/man7/capabilities.7:827
1824 "The capability bounding set is a security mechanism that can be used to "
1825 "limit the capabilities that can be gained during an B<execve>(2). The "
1826 "bounding set is used in the following ways:"
1830 #: build/C/man7/capabilities.7:835
1832 "During an B<execve>(2), the capability bounding set is ANDed with the file "
1833 "permitted capability set, and the result of this operation is assigned to "
1834 "the thread's permitted capability set. The capability bounding set thus "
1835 "places a limit on the permitted capabilities that may be granted by an "
1840 #: build/C/man7/capabilities.7:847
1842 "(Since Linux 2.6.25) The capability bounding set acts as a limiting "
1843 "superset for the capabilities that a thread can add to its inheritable set "
1844 "using B<capset>(2). This means that if a capability is not in the bounding "
1845 "set, then a thread can't add this capability to its inheritable set, even if "
1846 "it was in its permitted capabilities, and thereby cannot have this "
1847 "capability preserved in its permitted set when it B<execve>(2)s a file that "
1848 "has the capability in its inheritable set."
1852 #: build/C/man7/capabilities.7:854
1854 "Note that the bounding set masks the file permitted capabilities, but not "
1855 "the inherited capabilities. If a thread maintains a capability in its "
1856 "inherited set that is not in its bounding set, then it can still gain that "
1857 "capability in its permitted set by executing a file that has the capability "
1858 "in its inherited set."
1862 #: build/C/man7/capabilities.7:857
1864 "Depending on the kernel version, the capability bounding set is either a "
1865 "system-wide attribute, or a per-process attribute."
1869 #: build/C/man7/capabilities.7:859
1870 msgid "B<Capability bounding set prior to Linux 2.6.25>"
1874 #: build/C/man7/capabilities.7:867
1876 "In kernels before 2.6.25, the capability bounding set is a system-wide "
1877 "attribute that affects all threads on the system. The bounding set is "
1878 "accessible via the file I</proc/sys/kernel/cap-bound>. (Confusingly, this "
1879 "bit mask parameter is expressed as a signed decimal number in "
1880 "I</proc/sys/kernel/cap-bound>.)"
1884 #: build/C/man7/capabilities.7:874
1886 "Only the B<init> process may set capabilities in the capability bounding "
1887 "set; other than that, the superuser (more precisely: programs with the "
1888 "B<CAP_SYS_MODULE> capability) may only clear capabilities from this set."
1892 #: build/C/man7/capabilities.7:883
1894 "On a standard system the capability bounding set always masks out the "
1895 "B<CAP_SETPCAP> capability. To remove this restriction (dangerous!), modify "
1896 "the definition of B<CAP_INIT_EFF_SET> in I<include/linux/capability.h> and "
1897 "rebuild the kernel."
1901 #: build/C/man7/capabilities.7:887
1903 "The system-wide capability bounding set feature was added to Linux starting "
1904 "with kernel version 2.2.11."
1908 #: build/C/man7/capabilities.7:889
1909 msgid "B<Capability bounding set from Linux 2.6.25 onward>"
1913 #: build/C/man7/capabilities.7:894
1915 "From Linux 2.6.25, the I<capability bounding set> is a per-thread "
1916 "attribute. (There is no longer a system-wide capability bounding set.)"
1920 #: build/C/man7/capabilities.7:899
1922 "The bounding set is inherited at B<fork>(2) from the thread's parent, and "
1923 "is preserved across an B<execve>(2)."
1927 #: build/C/man7/capabilities.7:912
1929 "A thread may remove capabilities from its capability bounding set using the "
1930 "B<prctl>(2) B<PR_CAPBSET_DROP> operation, provided it has the "
1931 "B<CAP_SETPCAP> capability. Once a capability has been dropped from the "
1932 "bounding set, it cannot be restored to that set. A thread can determine if "
1933 "a capability is in its bounding set using the B<prctl>(2) "
1934 "B<PR_CAPBSET_READ> operation."
1938 #: build/C/man7/capabilities.7:930
1940 "Removing capabilities from the bounding set is supported only if file "
1941 "capabilities are compiled into the kernel. In kernels before Linux 2.6.33, "
1942 "file capabilities were an optional feature configurable via the "
1943 "CONFIG_SECURITY_FILE_CAPABILITIES option. Since Linux 2.6.33, the "
1944 "configuration option has been removed and file capabilities are always part "
1945 "of the kernel. When file capabilities are compiled into the kernel, the "
1946 "B<init> process (the ancestor of all processes) begins with a full bounding "
1947 "set. If file capabilities are not compiled into the kernel, then B<init> "
1948 "begins with a full bounding set minus B<CAP_SETPCAP>, because this "
1949 "capability has a different meaning when there are no file capabilities."
1953 #: build/C/man7/capabilities.7:937
1955 "Removing a capability from the bounding set does not remove it from the "
1956 "thread's inherited set. However it does prevent the capability from being "
1957 "added back into the thread's inherited set in the future."
1961 #: build/C/man7/capabilities.7:937
1963 msgid "Effect of user ID changes on capabilities"
1967 #: build/C/man7/capabilities.7:946
1969 "To preserve the traditional semantics for transitions between 0 and nonzero "
1970 "user IDs, the kernel makes the following changes to a thread's capability "
1971 "sets on changes to the thread's real, effective, saved set, and filesystem "
1972 "user IDs (using B<setuid>(2), B<setresuid>(2), or similar):"
1976 #: build/C/man7/capabilities.7:952
1978 "If one or more of the real, effective or saved set user IDs was previously "
1979 "0, and as a result of the UID changes all of these IDs have a nonzero value, "
1980 "then all capabilities are cleared from the permitted and effective "
1985 #: build/C/man7/capabilities.7:955
1987 "If the effective user ID is changed from 0 to nonzero, then all capabilities "
1988 "are cleared from the effective set."
1992 #: build/C/man7/capabilities.7:958
1994 "If the effective user ID is changed from nonzero to 0, then the permitted "
1995 "set is copied to the effective set."
1999 #: build/C/man7/capabilities.7:958 build/C/man7/capabilities.7:1013
2005 #: build/C/man7/capabilities.7:976
2007 "If the filesystem user ID is changed from 0 to nonzero (see B<setfsuid>(2)), "
2008 "then the following capabilities are cleared from the effective set: "
2009 "B<CAP_CHOWN>, B<CAP_DAC_OVERRIDE>, B<CAP_DAC_READ_SEARCH>, B<CAP_FOWNER>, "
2010 "B<CAP_FSETID>, B<CAP_LINUX_IMMUTABLE> (since Linux 2.6.30), "
2011 "B<CAP_MAC_OVERRIDE>, and B<CAP_MKNOD> (since Linux 2.6.30). If the "
2012 "filesystem UID is changed from nonzero to 0, then any of these capabilities "
2013 "that are enabled in the permitted set are enabled in the effective set."
2017 #: build/C/man7/capabilities.7:984
2019 "If a thread that has a 0 value for one or more of its user IDs wants to "
2020 "prevent its permitted capability set being cleared when it resets all of its "
2021 "user IDs to nonzero values, it can do so using the B<prctl>(2) "
2022 "B<PR_SET_KEEPCAPS> operation."
2026 #: build/C/man7/capabilities.7:984
2028 msgid "Programmatically adjusting capability sets"
2032 #: build/C/man7/capabilities.7:999
2034 "A thread can retrieve and change its capability sets using the B<capget>(2) "
2035 "and B<capset>(2) system calls. However, the use of B<cap_get_proc>(3) and "
2036 "B<cap_set_proc>(3), both provided in the I<libcap> package, is preferred for "
2037 "this purpose. The following rules govern changes to the thread capability "
2042 #: build/C/man7/capabilities.7:1005
2044 "If the caller does not have the B<CAP_SETPCAP> capability, the new "
2045 "inheritable set must be a subset of the combination of the existing "
2046 "inheritable and permitted sets."
2050 #: build/C/man7/capabilities.7:1009
2052 "(Since Linux 2.6.25) The new inheritable set must be a subset of the "
2053 "combination of the existing inheritable set and the capability bounding set."
2057 #: build/C/man7/capabilities.7:1013
2059 "The new permitted set must be a subset of the existing permitted set (i.e., "
2060 "it is not possible to acquire permitted capabilities that the thread does "
2061 "not currently have)."
2065 #: build/C/man7/capabilities.7:1015
2066 msgid "The new effective set must be a subset of the new permitted set."
2070 #: build/C/man7/capabilities.7:1015
2072 msgid "The securebits flags: establishing a capabilities-only environment"
2075 #. For some background:
2076 #. see http://lwn.net/Articles/280279/ and
2077 #. http://article.gmane.org/gmane.linux.kernel.lsm/5476/
2079 #: build/C/man7/capabilities.7:1026
2081 "Starting with kernel 2.6.26, and with a kernel in which file capabilities "
2082 "are enabled, Linux implements a set of per-thread I<securebits> flags that "
2083 "can be used to disable special handling of capabilities for UID 0 "
2084 "(I<root>). These flags are as follows:"
2088 #: build/C/man7/capabilities.7:1026
2090 msgid "B<SECBIT_KEEP_CAPS>"
2094 #: build/C/man7/capabilities.7:1038
2096 "Setting this flag allows a thread that has one or more 0 UIDs to retain its "
2097 "capabilities when it switches all of its UIDs to a nonzero value. If this "
2098 "flag is not set, then such a UID switch causes the thread to lose all "
2099 "capabilities. This flag is always cleared on an B<execve>(2). (This flag "
2100 "provides the same functionality as the older B<prctl>(2) B<PR_SET_KEEPCAPS> "
2105 #: build/C/man7/capabilities.7:1038
2107 msgid "B<SECBIT_NO_SETUID_FIXUP>"
2111 #: build/C/man7/capabilities.7:1045
2113 "Setting this flag stops the kernel from adjusting capability sets when the "
2114 "threads's effective and filesystem UIDs are switched between zero and "
2115 "nonzero values. (See the subsection I<Effect of User ID Changes on "
2120 #: build/C/man7/capabilities.7:1045
2122 msgid "B<SECBIT_NOROOT>"
2126 #: build/C/man7/capabilities.7:1053
2128 "If this bit is set, then the kernel does not grant capabilities when a "
2129 "set-user-ID-root program is executed, or when a process with an effective or "
2130 "real UID of 0 calls B<execve>(2). (See the subsection I<Capabilities and "
2131 "execution of programs by root>.)"
2135 #: build/C/man7/capabilities.7:1063
2137 "Each of the above \"base\" flags has a companion \"locked\" flag. Setting "
2138 "any of the \"locked\" flags is irreversible, and has the effect of "
2139 "preventing further changes to the corresponding \"base\" flag. The locked "
2140 "flags are: B<SECBIT_KEEP_CAPS_LOCKED>, B<SECBIT_NO_SETUID_FIXUP_LOCKED>, and "
2141 "B<SECBIT_NOROOT_LOCKED>."
2145 #: build/C/man7/capabilities.7:1075
2147 "The I<securebits> flags can be modified and retrieved using the B<prctl>(2) "
2148 "B<PR_SET_SECUREBITS> and B<PR_GET_SECUREBITS> operations. The "
2149 "B<CAP_SETPCAP> capability is required to modify the flags."
2153 #: build/C/man7/capabilities.7:1084
2155 "The I<securebits> flags are inherited by child processes. During an "
2156 "B<execve>(2), all of the flags are preserved, except B<SECBIT_KEEP_CAPS> "
2157 "which is always cleared."
2161 #: build/C/man7/capabilities.7:1089
2163 "An application can use the following call to lock itself, and all of its "
2164 "descendants, into an environment where the only way of gaining capabilities "
2165 "is by executing a program with associated file capabilities:"
2169 #: build/C/man7/capabilities.7:1098
2172 "prctl(PR_SET_SECUREBITS,\n"
2173 " SECBIT_KEEP_CAPS_LOCKED |\n"
2174 " SECBIT_NO_SETUID_FIXUP |\n"
2175 " SECBIT_NO_SETUID_FIXUP_LOCKED |\n"
2176 " SECBIT_NOROOT |\n"
2177 " SECBIT_NOROOT_LOCKED);\n"
2181 #: build/C/man7/capabilities.7:1106
2183 "No standards govern capabilities, but the Linux capability implementation is "
2184 "based on the withdrawn POSIX.1e draft standard; see E<.UR "
2185 "http://wt.tuxomania.net\\:/publications\\:/posix.1e/> E<.UE .>"
2189 #: build/C/man7/capabilities.7:1110
2191 "Since kernel 2.5.27, capabilities are an optional kernel component, and can "
2192 "be enabled/disabled via the CONFIG_SECURITY_CAPABILITIES kernel "
2193 "configuration option."
2196 #. 7b9a7ec565505699f503b4fcf61500dceb36e744
2198 #: build/C/man7/capabilities.7:1124
2200 "The I</proc/PID/task/TID/status> file can be used to view the capability "
2201 "sets of a thread. The I</proc/PID/status> file shows the capability sets of "
2202 "a process's main thread. Before Linux 3.8, nonexistent capabilities were "
2203 "shown as being enabled (1) in these sets. Since Linux 3.8, all nonexistent "
2204 "capabilities (above B<CAP_LAST_CAP>) are shown as disabled (0)."
2208 #: build/C/man7/capabilities.7:1139
2210 "The I<libcap> package provides a suite of routines for setting and getting "
2211 "capabilities that is more comfortable and less likely to change than the "
2212 "interface provided by B<capset>(2) and B<capget>(2). This package also "
2213 "provides the B<setcap>(8) and B<getcap>(8) programs. It can be found at"
2217 #: build/C/man7/capabilities.7:1142
2220 "http://www.kernel.org\\:/pub\\:/linux\\:/libs\\:/security\\:/linux-privs> "
2225 #: build/C/man7/capabilities.7:1151
2227 "Before kernel 2.6.24, and since kernel 2.6.24 if file capabilities are not "
2228 "enabled, a thread with the B<CAP_SETPCAP> capability can manipulate the "
2229 "capabilities of threads other than itself. However, this is only "
2230 "theoretically possible, since no thread ever has B<CAP_SETPCAP> in either of "
2235 #: build/C/man7/capabilities.7:1156
2237 "In the pre-2.6.25 implementation the system-wide capability bounding set, "
2238 "I</proc/sys/kernel/cap-bound>, always masks out this capability, and this "
2239 "can not be changed without modifying the kernel source and rebuilding."
2243 #: build/C/man7/capabilities.7:1162
2245 "If file capabilities are disabled in the current implementation, then "
2246 "B<init> starts out with this capability removed from its per-process "
2247 "bounding set, and that bounding set is inherited by all other processes "
2248 "created on the system."
2252 #: build/C/man7/capabilities.7:1180
2254 "B<capsh>(1), B<capget>(2), B<prctl>(2), B<setfsuid>(2), B<cap_clear>(3), "
2255 "B<cap_copy_ext>(3), B<cap_from_text>(3), B<cap_get_file>(3), "
2256 "B<cap_get_proc>(3), B<cap_init>(3), B<capgetp>(3), B<capsetp>(3), "
2257 "B<libcap>(3), B<credentials>(7), B<pthreads>(7), B<getcap>(8), B<setcap>(8)"
2261 #: build/C/man7/capabilities.7:1183
2262 msgid "I<include/linux/capability.h> in the Linux kernel source tree"
2266 #: build/C/man2/capget.2:15
2272 #: build/C/man2/capget.2:15
2278 #: build/C/man2/capget.2:18
2279 msgid "capget, capset - set/get capabilities of thread(s)"
2283 #: build/C/man2/capget.2:20
2284 msgid "B<#include E<lt>sys/capability.hE<gt>>"
2288 #: build/C/man2/capget.2:22
2289 msgid "B<int capget(cap_user_header_t >I<hdrp>B<, cap_user_data_t >I<datap>B<);>"
2293 #: build/C/man2/capget.2:24
2295 "B<int capset(cap_user_header_t >I<hdrp>B<, const cap_user_data_t "
2300 #: build/C/man2/capget.2:35
2302 "As of Linux 2.2, the power of the superuser (root) has been partitioned into "
2303 "a set of discrete capabilities. Each thread has a set of effective "
2304 "capabilities identifying which capabilities (if any) it may currently "
2305 "exercise. Each thread also has a set of inheritable capabilities that may "
2306 "be passed through an B<execve>(2) call, and a set of permitted capabilities "
2307 "that it can make effective or inheritable."
2311 #: build/C/man2/capget.2:44
2313 "These two system calls are the raw kernel interface for getting and setting "
2314 "thread capabilities. Not only are these system calls specific to Linux, but "
2315 "the kernel API is likely to change and use of these system calls (in "
2316 "particular the format of the I<cap_user_*_t> types) is subject to extension "
2317 "with each kernel revision, but old programs will keep working."
2321 #: build/C/man2/capget.2:55
2323 "The portable interfaces are B<cap_set_proc>(3) and B<cap_get_proc>(3); if "
2324 "possible, you should use those interfaces in applications. If you wish to "
2325 "use the Linux extensions in applications, you should use the easier-to-use "
2326 "interfaces B<capsetp>(3) and B<capgetp>(3)."
2330 #: build/C/man2/capget.2:55
2332 msgid "Current details"
2336 #: build/C/man2/capget.2:58
2338 "Now that you have been warned, some current kernel details. The structures "
2339 "are defined as follows."
2343 #: build/C/man2/capget.2:63
2346 "#define _LINUX_CAPABILITY_VERSION_1 0x19980330\n"
2347 "#define _LINUX_CAPABILITY_U32S_1 1\n"
2351 #: build/C/man2/capget.2:66
2354 "#define _LINUX_CAPABILITY_VERSION_2 0x20071026\n"
2355 "#define _LINUX_CAPABILITY_U32S_2 2\n"
2359 #: build/C/man2/capget.2:71
2362 "typedef struct __user_cap_header_struct {\n"
2365 "} *cap_user_header_t;\n"
2369 #: build/C/man2/capget.2:77
2372 "typedef struct __user_cap_data_struct {\n"
2373 " __u32 effective;\n"
2374 " __u32 permitted;\n"
2375 " __u32 inheritable;\n"
2376 "} *cap_user_data_t;\n"
2380 #: build/C/man2/capget.2:96
2382 "The I<effective>, I<permitted>, and I<inheritable> fields are bit masks of "
2383 "the capabilities defined in B<capabilities>(7). Note the B<CAP_*> values "
2384 "are bit indexes and need to be bit-shifted before ORing into the bit "
2385 "fields. To define the structures for passing to the system call you have to "
2386 "use the I<struct __user_cap_header_struct> and I<struct "
2387 "__user_cap_data_struct> names because the typedefs are only pointers."
2391 #: build/C/man2/capget.2:108
2393 "Kernels prior to 2.6.25 prefer 32-bit capabilities with version "
2394 "B<_LINUX_CAPABILITY_VERSION_1>, and kernels 2.6.25+ prefer 64-bit "
2395 "capabilities with version B<_LINUX_CAPABILITY_VERSION_2>. Note, 64-bit "
2396 "capabilities use I<datap>[0] and I<datap>[1], whereas 32-bit capabilities "
2397 "use only I<datap>[0]."
2401 #: build/C/man2/capget.2:112
2403 "Another change affecting the behavior of these system calls is kernel "
2404 "support for file capabilities (VFS capability support). This support is "
2405 "currently a compile time option (added in kernel 2.6.24)."
2409 #: build/C/man2/capget.2:119
2411 "For B<capget>() calls, one can probe the capabilities of any process by "
2412 "specifying its process ID with the I<hdrp-E<gt>pid> field value."
2416 #: build/C/man2/capget.2:119
2418 msgid "With VFS capability support"
2422 #: build/C/man2/capget.2:131
2424 "VFS Capability support creates a file-attribute method for adding "
2425 "capabilities to privileged executables. This privilege model obsoletes "
2426 "kernel support for one process asynchronously setting the capabilities of "
2427 "another. That is, with VFS support, for B<capset>() calls the only "
2428 "permitted values for I<hdrp-E<gt>pid> are 0 or B<getpid>(2), which are "
2433 #: build/C/man2/capget.2:131
2435 msgid "Without VFS capability support"
2439 #: build/C/man2/capget.2:157
2441 "When the kernel does not support VFS capabilities, B<capset>() calls can "
2442 "operate on the capabilities of the thread specified by the I<pid> field of "
2443 "I<hdrp> when that is nonzero, or on the capabilities of the calling thread "
2444 "if I<pid> is 0. If I<pid> refers to a single-threaded process, then I<pid> "
2445 "can be specified as a traditional process ID; operating on a thread of a "
2446 "multithreaded process requires a thread ID of the type returned by "
2447 "B<gettid>(2). For B<capset>(), I<pid> can also be: -1, meaning perform the "
2448 "change on all threads except the caller and B<init>(8); or a value less than "
2449 "-1, in which case the change is applied to all members of the process group "
2450 "whose ID is -I<pid>."
2454 #: build/C/man2/capget.2:160
2455 msgid "For details on the data, see B<capabilities>(7)."
2459 #: build/C/man2/capget.2:179
2461 "The calls will fail with the error B<EINVAL>, and set the I<version> field "
2462 "of I<hdrp> to the kernel preferred value of B<_LINUX_CAPABILITY_VERSION_?> "
2463 "when an unsupported I<version> value is specified. In this way, one can "
2464 "probe what the current preferred capability revision is."
2468 #: build/C/man2/capget.2:188
2470 "Bad memory address. I<hdrp> must not be NULL. I<datap> may be NULL only "
2471 "when the user is trying to determine the preferred capability version format "
2472 "supported by the kernel."
2476 #: build/C/man2/capget.2:188 build/C/man7/cpuset.7:1180 build/C/man7/cpuset.7:1189 build/C/man7/cpuset.7:1198 build/C/man7/cpuset.7:1208 build/C/man7/cpuset.7:1217 build/C/man7/cpuset.7:1224 build/C/man7/cpuset.7:1231 build/C/man2/getgroups.2:114 build/C/man2/getgroups.2:121 build/C/man2/getpriority.2:121 build/C/man2/getrlimit.2:445 build/C/man2/getrusage.2:198 build/C/man2/iopl.2:72 build/C/man2/ioprio_set.2:170 build/C/man2/setpgid.2:225
2482 #: build/C/man2/capget.2:191
2483 msgid "One of the arguments was invalid."
2487 #: build/C/man2/capget.2:196
2489 "An attempt was made to add a capability to the Permitted set, or to set a "
2490 "capability in the Effective or Inheritable sets that is not in the Permitted "
2495 #: build/C/man2/capget.2:215
2497 "The caller attempted to use B<capset>() to modify the capabilities of a "
2498 "thread other than itself, but lacked sufficient privilege. For kernels "
2499 "supporting VFS capabilities, this is never permitted. For kernels lacking "
2500 "VFS support, the B<CAP_SETPCAP> capability is required. (A bug in kernels "
2501 "before 2.6.11 meant that this error could also occur if a thread without "
2502 "this capability tried to change its own capabilities by specifying the "
2503 "I<pid> field as a nonzero value (i.e., the value returned by B<getpid>(2)) "
2508 #: build/C/man2/capget.2:215 build/C/man7/cpuset.7:1330 build/C/man2/getpriority.2:129 build/C/man2/getrlimit.2:469 build/C/man2/getsid.2:70 build/C/man2/ioprio_set.2:187 build/C/man2/setpgid.2:240
2514 #: build/C/man2/capget.2:218
2515 msgid "No such thread."
2519 #: build/C/man2/capget.2:220 build/C/man2/ioprio_set.2:198
2520 msgid "These system calls are Linux-specific."
2524 #: build/C/man2/capget.2:225
2526 "The portable interface to the capability querying and setting functions is "
2527 "provided by the I<libcap> library and is available here:"
2531 #: build/C/man2/capget.2:228
2534 "http://git.kernel.org/cgit\\:/linux\\:/kernel\\:/git\\:/morgan\\:\\:/libcap.git> "
2539 #: build/C/man2/capget.2:232
2540 msgid "B<clone>(2), B<gettid>(2), B<capabilities>(7)"
2544 #: build/C/man7/cpuset.7:25
2550 #: build/C/man7/cpuset.7:28
2551 msgid "cpuset - confine processes to processor and memory node subsets"
2555 #: build/C/man7/cpuset.7:35
2557 "The cpuset filesystem is a pseudo-filesystem interface to the kernel cpuset "
2558 "mechanism, which is used to control the processor placement and memory "
2559 "placement of processes. It is commonly mounted at I</dev/cpuset>."
2563 #: build/C/man7/cpuset.7:52
2565 "On systems with kernels compiled with built in support for cpusets, all "
2566 "processes are attached to a cpuset, and cpusets are always present. If a "
2567 "system supports cpusets, then it will have the entry B<nodev cpuset> in the "
2568 "file I</proc/filesystems>. By mounting the cpuset filesystem (see the "
2569 "B<EXAMPLE> section below), the administrator can configure the cpusets on a "
2570 "system to control the processor and memory placement of processes on that "
2571 "system. By default, if the cpuset configuration on a system is not modified "
2572 "or if the cpuset filesystem is not even mounted, then the cpuset mechanism, "
2573 "though present, has no affect on the system's behavior."
2577 #: build/C/man7/cpuset.7:54
2578 msgid "A cpuset defines a list of CPUs and memory nodes."
2582 #: build/C/man7/cpuset.7:63
2584 "The CPUs of a system include all the logical processing units on which a "
2585 "process can execute, including, if present, multiple processor cores within "
2586 "a package and Hyper-Threads within a processor core. Memory nodes include "
2587 "all distinct banks of main memory; small and SMP systems typically have just "
2588 "one memory node that contains all the system's main memory, while NUMA "
2589 "(non-uniform memory access) systems have multiple memory nodes."
2593 #: build/C/man7/cpuset.7:73
2595 "Cpusets are represented as directories in a hierarchical pseudo-filesystem, "
2596 "where the top directory in the hierarchy (I</dev/cpuset>) represents the "
2597 "entire system (all online CPUs and memory nodes) and any cpuset that is the "
2598 "child (descendant) of another parent cpuset contains a subset of that "
2599 "parent's CPUs and memory nodes. The directories and files representing "
2600 "cpusets have normal filesystem permissions."
2604 #: build/C/man7/cpuset.7:84
2606 "Every process in the system belongs to exactly one cpuset. A process is "
2607 "confined to run only on the CPUs in the cpuset it belongs to, and to "
2608 "allocate memory only on the memory nodes in that cpuset. When a process "
2609 "B<fork>(2)s, the child process is placed in the same cpuset as its parent. "
2610 "With sufficient privilege, a process may be moved from one cpuset to another "
2611 "and the allowed CPUs and memory nodes of an existing cpuset may be changed."
2615 #: build/C/man7/cpuset.7:92
2617 "When the system begins booting, a single cpuset is defined that includes all "
2618 "CPUs and memory nodes on the system, and all processes are in that cpuset. "
2619 "During the boot process, or later during normal system operation, other "
2620 "cpusets may be created, as subdirectories of this top cpuset, under the "
2621 "control of the system administrator, and processes may be placed in these "
2626 #: build/C/man7/cpuset.7:114
2628 "Cpusets are integrated with the B<sched_setaffinity>(2) scheduling affinity "
2629 "mechanism and the B<mbind>(2) and B<set_mempolicy>(2) memory-placement "
2630 "mechanisms in the kernel. Neither of these mechanisms let a process make "
2631 "use of a CPU or memory node that is not allowed by that process's cpuset. "
2632 "If changes to a process's cpuset placement conflict with these other "
2633 "mechanisms, then cpuset placement is enforced even if it means overriding "
2634 "these other mechanisms. The kernel accomplishes this overriding by silently "
2635 "restricting the CPUs and memory nodes requested by these other mechanisms to "
2636 "those allowed by the invoking process's cpuset. This can result in these "
2637 "other calls returning an error, if for example, such a call ends up "
2638 "requesting an empty set of CPUs or memory nodes, after that request is "
2639 "restricted to the invoking process's cpuset."
2643 #: build/C/man7/cpuset.7:120
2645 "Typically, a cpuset is used to manage the CPU and memory-node confinement "
2646 "for a set of cooperating processes such as a batch scheduler job, and these "
2647 "other mechanisms are used to manage the placement of individual processes or "
2648 "memory regions within that set or job."
2652 #: build/C/man7/cpuset.7:120
2658 #: build/C/man7/cpuset.7:125
2660 "Each directory below I</dev/cpuset> represents a cpuset and contains a fixed "
2661 "set of pseudo-files describing the state of that cpuset."
2665 #: build/C/man7/cpuset.7:135
2667 "New cpusets are created using the B<mkdir>(2) system call or the "
2668 "B<mkdir>(1) command. The properties of a cpuset, such as its flags, "
2669 "allowed CPUs and memory nodes, and attached processes, are queried and "
2670 "modified by reading or writing to the appropriate file in that cpuset's "
2671 "directory, as listed below."
2675 #: build/C/man7/cpuset.7:141
2677 "The pseudo-files in each cpuset directory are automatically created when the "
2678 "cpuset is created, as a result of the B<mkdir>(2) invocation. It is not "
2679 "possible to directly add or remove these pseudo-files."
2683 #: build/C/man7/cpuset.7:149
2685 "A cpuset directory that contains no child cpuset directories, and has no "
2686 "attached processes, can be removed using B<rmdir>(2) or B<rmdir>(1). It is "
2687 "not necessary, or possible, to remove the pseudo-files inside the directory "
2688 "before removing it."
2692 #: build/C/man7/cpuset.7:163
2694 "The pseudo-files in each cpuset directory are small text files that may be "
2695 "read and written using traditional shell utilities such as B<cat>(1), and "
2696 "B<echo>(1), or from a program by using file I/O library functions or system "
2697 "calls, such as B<open>(2), B<read>(2), B<write>(2), and B<close>(2)."
2700 #. ====================== tasks ======================
2702 #: build/C/man7/cpuset.7:168
2704 "The pseudo-files in a cpuset directory represent internal kernel state and "
2705 "do not have any persistent image on disk. Each of these per-cpuset files is "
2706 "listed and described below."
2710 #: build/C/man7/cpuset.7:168
2716 #: build/C/man7/cpuset.7:178
2718 "List of the process IDs (PIDs) of the processes in that cpuset. The list is "
2719 "formatted as a series of ASCII decimal numbers, each followed by a newline. "
2720 "A process may be added to a cpuset (automatically removing it from the "
2721 "cpuset that previously contained it) by writing its PID to that cpuset's "
2722 "I<tasks> file (with or without a trailing newline.)"
2725 #. =================== notify_on_release ===================
2727 #: build/C/man7/cpuset.7:186
2729 "B<Warning:> only one PID may be written to the I<tasks> file at a time. If "
2730 "a string is written that contains more than one PID, only the first one will "
2735 #: build/C/man7/cpuset.7:186
2737 msgid "I<notify_on_release>"
2740 #. ====================== cpus ======================
2742 #: build/C/man7/cpuset.7:195
2744 "Flag (0 or 1). If set (1), that cpuset will receive special handling after "
2745 "it is released, that is, after all processes cease using it (i.e., terminate "
2746 "or are moved to a different cpuset) and all child cpuset directories have "
2747 "been removed. See the B<Notify On Release> section, below."
2751 #: build/C/man7/cpuset.7:195
2753 msgid "I<cpuset.cpus>"
2757 #: build/C/man7/cpuset.7:202
2759 "List of the physical numbers of the CPUs on which processes in that cpuset "
2760 "are allowed to execute. See B<List Format> below for a description of the "
2761 "format of I<cpus>."
2764 #. ==================== cpu_exclusive ====================
2766 #: build/C/man7/cpuset.7:208
2768 "The CPUs allowed to a cpuset may be changed by writing a new list to its "
2773 #: build/C/man7/cpuset.7:208
2775 msgid "I<cpuset.cpu_exclusive>"
2779 #: build/C/man7/cpuset.7:215
2781 "Flag (0 or 1). If set (1), the cpuset has exclusive use of its CPUs (no "
2782 "sibling or cousin cpuset may overlap CPUs). By default this is off (0). "
2783 "Newly created cpusets also initially default this to off (0)."
2786 #. ====================== mems ======================
2788 #: build/C/man7/cpuset.7:237
2790 "Two cpusets are I<sibling> cpusets if they share the same parent cpuset in "
2791 "the I</dev/cpuset> hierarchy. Two cpusets are I<cousin> cpusets if neither "
2792 "is the ancestor of the other. Regardless of the I<cpu_exclusive> setting, "
2793 "if one cpuset is the ancestor of another, and if both of these cpusets have "
2794 "nonempty I<cpus>, then their I<cpus> must overlap, because the I<cpus> of "
2795 "any cpuset are always a subset of the I<cpus> of its parent cpuset."
2799 #: build/C/man7/cpuset.7:237
2801 msgid "I<cpuset.mems>"
2804 #. ==================== mem_exclusive ====================
2806 #: build/C/man7/cpuset.7:245
2808 "List of memory nodes on which processes in this cpuset are allowed to "
2809 "allocate memory. See B<List Format> below for a description of the format "
2814 #: build/C/man7/cpuset.7:245
2816 msgid "I<cpuset.mem_exclusive>"
2820 #: build/C/man7/cpuset.7:253
2822 "Flag (0 or 1). If set (1), the cpuset has exclusive use of its memory nodes "
2823 "(no sibling or cousin may overlap). Also if set (1), the cpuset is a "
2824 "B<Hardwall> cpuset (see below.) By default this is off (0). Newly created "
2825 "cpusets also initially default this to off (0)."
2828 #. ==================== mem_hardwall ====================
2830 #: build/C/man7/cpuset.7:261
2832 "Regardless of the I<mem_exclusive> setting, if one cpuset is the ancestor of "
2833 "another, then their memory nodes must overlap, because the memory nodes of "
2834 "any cpuset are always a subset of the memory nodes of that cpuset's parent "
2839 #: build/C/man7/cpuset.7:261
2841 msgid "I<cpuset.mem_hardwall> (since Linux 2.6.26)"
2844 #. ==================== memory_migrate ====================
2846 #: build/C/man7/cpuset.7:272
2848 "Flag (0 or 1). If set (1), the cpuset is a B<Hardwall> cpuset (see below.) "
2849 "Unlike B<mem_exclusive>, there is no constraint on whether cpusets marked "
2850 "B<mem_hardwall> may have overlapping memory nodes with sibling or cousin "
2851 "cpusets. By default this is off (0). Newly created cpusets also initially "
2852 "default this to off (0)."
2856 #: build/C/man7/cpuset.7:272
2858 msgid "I<cpuset.memory_migrate> (since Linux 2.6.16)"
2861 #. ==================== memory_pressure ====================
2863 #: build/C/man7/cpuset.7:279
2865 "Flag (0 or 1). If set (1), then memory migration is enabled. By default "
2866 "this is off (0). See the B<Memory Migration> section, below."
2870 #: build/C/man7/cpuset.7:279
2872 msgid "I<cpuset.memory_pressure> (since Linux 2.6.16)"
2875 #. ================= memory_pressure_enabled =================
2877 #: build/C/man7/cpuset.7:292
2879 "A measure of how much memory pressure the processes in this cpuset are "
2880 "causing. See the B<Memory Pressure> section, below. Unless "
2881 "I<memory_pressure_enabled> is enabled, always has value zero (0). This file "
2882 "is read-only. See the B<WARNINGS> section, below."
2886 #: build/C/man7/cpuset.7:292
2888 msgid "I<cpuset.memory_pressure_enabled> (since Linux 2.6.16)"
2891 #. ================== memory_spread_page ==================
2893 #: build/C/man7/cpuset.7:304
2895 "Flag (0 or 1). This file is present only in the root cpuset, normally "
2896 "I</dev/cpuset>. If set (1), the I<memory_pressure> calculations are enabled "
2897 "for all cpusets in the system. By default this is off (0). See the "
2898 "B<Memory Pressure> section, below."
2902 #: build/C/man7/cpuset.7:304
2904 msgid "I<cpuset.memory_spread_page> (since Linux 2.6.17)"
2907 #. ================== memory_spread_slab ==================
2909 #: build/C/man7/cpuset.7:314
2911 "Flag (0 or 1). If set (1), pages in the kernel page cache (filesystem "
2912 "buffers) are uniformly spread across the cpuset. By default this is off (0) "
2913 "in the top cpuset, and inherited from the parent cpuset in newly created "
2914 "cpusets. See the B<Memory Spread> section, below."
2918 #: build/C/man7/cpuset.7:314
2920 msgid "I<cpuset.memory_spread_slab> (since Linux 2.6.17)"
2923 #. ================== sched_load_balance ==================
2925 #: build/C/man7/cpuset.7:325
2927 "Flag (0 or 1). If set (1), the kernel slab caches for file I/O (directory "
2928 "and inode structures) are uniformly spread across the cpuset. By default "
2929 "this is off (0) in the top cpuset, and inherited from the parent cpuset in "
2930 "newly created cpusets. See the B<Memory Spread> section, below."
2934 #: build/C/man7/cpuset.7:325
2936 msgid "I<cpuset.sched_load_balance> (since Linux 2.6.24)"
2939 #. ================== sched_relax_domain_level ==================
2941 #: build/C/man7/cpuset.7:339
2943 "Flag (0 or 1). If set (1, the default) the kernel will automatically load "
2944 "balance processes in that cpuset over the allowed CPUs in that cpuset. If "
2945 "cleared (0) the kernel will avoid load balancing processes in this cpuset, "
2946 "I<unless> some other cpuset with overlapping CPUs has its "
2947 "I<sched_load_balance> flag set. See B<Scheduler Load Balancing>, below, for "
2952 #: build/C/man7/cpuset.7:339
2954 msgid "I<cpuset.sched_relax_domain_level> (since Linux 2.6.26)"
2957 #. ================== proc cpuset ==================
2959 #: build/C/man7/cpuset.7:359
2961 "Integer, between -1 and a small positive value. The "
2962 "I<sched_relax_domain_level> controls the width of the range of CPUs over "
2963 "which the kernel scheduler performs immediate rebalancing of runnable tasks "
2964 "across CPUs. If I<sched_load_balance> is disabled, then the setting of "
2965 "I<sched_relax_domain_level> does not matter, as no such load balancing is "
2966 "done. If I<sched_load_balance> is enabled, then the higher the value of the "
2967 "I<sched_relax_domain_level>, the wider the range of CPUs over which "
2968 "immediate load balancing is attempted. See B<Scheduler Relax Domain Level>, "
2969 "below, for further details."
2972 #. ================== proc status ==================
2974 #: build/C/man7/cpuset.7:367
2976 "In addition to the above pseudo-files in each directory below "
2977 "I</dev/cpuset>, each process has a pseudo-file, "
2978 "I</proc/E<lt>pidE<gt>/cpuset>, that displays the path of the process's "
2979 "cpuset directory relative to the root of the cpuset filesystem."
2983 #: build/C/man7/cpuset.7:378
2985 "Also the I</proc/E<lt>pidE<gt>/status> file for each process has four added "
2986 "lines, displaying the process's I<Cpus_allowed> (on which CPUs it may be "
2987 "scheduled) and I<Mems_allowed> (on which memory nodes it may obtain memory), "
2988 "in the two formats B<Mask Format> and B<List Format> (see below) as shown "
2989 "in the following example:"
2993 #: build/C/man7/cpuset.7:385
2996 "Cpus_allowed: ffffffff,ffffffff,ffffffff,ffffffff\n"
2997 "Cpus_allowed_list: 0-127\n"
2998 "Mems_allowed: ffffffff,ffffffff\n"
2999 "Mems_allowed_list: 0-63\n"
3002 #. ================== EXTENDED CAPABILITIES ==================
3004 #: build/C/man7/cpuset.7:391
3006 "The \"allowed\" fields were added in Linux 2.6.24; the \"allowed_list\" "
3007 "fields were added in Linux 2.6.26."
3011 #: build/C/man7/cpuset.7:391
3013 msgid "EXTENDED CAPABILITIES"
3016 #. ================== Exclusive Cpusets ==================
3018 #: build/C/man7/cpuset.7:399
3020 "In addition to controlling which I<cpus> and I<mems> a process is allowed to "
3021 "use, cpusets provide the following extended capabilities."
3025 #: build/C/man7/cpuset.7:399
3027 msgid "Exclusive cpusets"
3031 #: build/C/man7/cpuset.7:406
3033 "If a cpuset is marked I<cpu_exclusive> or I<mem_exclusive>, no other cpuset, "
3034 "other than a direct ancestor or descendant, may share any of the same CPUs "
3038 #. ================== Hardwall ==================
3040 #: build/C/man7/cpuset.7:432
3042 "A cpuset that is I<mem_exclusive> restricts kernel allocations for buffer "
3043 "cache pages and other internal kernel data pages commonly shared by the "
3044 "kernel across multiple users. All cpusets, whether I<mem_exclusive> or not, "
3045 "restrict allocations of memory for user space. This enables configuring a "
3046 "system so that several independent jobs can share common kernel data, while "
3047 "isolating each job's user allocation in its own cpuset. To do this, "
3048 "construct a large I<mem_exclusive> cpuset to hold all the jobs, and "
3049 "construct child, non-I<mem_exclusive> cpusets for each individual job. Only "
3050 "a small amount of kernel memory, such as requests from interrupt handlers, "
3051 "is allowed to be placed on memory nodes outside even a I<mem_exclusive> "
3056 #: build/C/man7/cpuset.7:432
3062 #: build/C/man7/cpuset.7:447
3064 "A cpuset that has I<mem_exclusive> or I<mem_hardwall> set is a I<hardwall> "
3065 "cpuset. A I<hardwall> cpuset restricts kernel allocations for page, buffer, "
3066 "and other data commonly shared by the kernel across multiple users. All "
3067 "cpusets, whether I<hardwall> or not, restrict allocations of memory for user "
3072 #: build/C/man7/cpuset.7:458
3074 "This enables configuring a system so that several independent jobs can share "
3075 "common kernel data, such as filesystem pages, while isolating each job's "
3076 "user allocation in its own cpuset. To do this, construct a large "
3077 "I<hardwall> cpuset to hold all the jobs, and construct child cpusets for "
3078 "each individual job which are not I<hardwall> cpusets."
3081 #. ================== Notify On Release ==================
3083 #: build/C/man7/cpuset.7:464
3085 "Only a small amount of kernel memory, such as requests from interrupt "
3086 "handlers, is allowed to be taken outside even a I<hardwall> cpuset."
3090 #: build/C/man7/cpuset.7:464
3092 msgid "Notify on release"
3096 #: build/C/man7/cpuset.7:476
3098 "If the I<notify_on_release> flag is enabled (1) in a cpuset, then whenever "
3099 "the last process in the cpuset leaves (exits or attaches to some other "
3100 "cpuset) and the last child cpuset of that cpuset is removed, the kernel "
3101 "will run the command I</sbin/cpuset_release_agent>, supplying the pathname "
3102 "(relative to the mount point of the cpuset filesystem) of the abandoned "
3103 "cpuset. This enables automatic removal of abandoned cpusets."
3107 #: build/C/man7/cpuset.7:484
3109 "The default value of I<notify_on_release> in the root cpuset at system boot "
3110 "is disabled (0). The default value of other cpusets at creation is the "
3111 "current value of their parent's I<notify_on_release> setting."
3115 #: build/C/man7/cpuset.7:492
3117 "The command I</sbin/cpuset_release_agent> is invoked, with the name "
3118 "(I</dev/cpuset> relative path) of the to-be-released cpuset in I<argv[1]>."
3122 #: build/C/man7/cpuset.7:496
3124 "The usual contents of the command I</sbin/cpuset_release_agent> is simply "
3129 #: build/C/man7/cpuset.7:501
3133 "rmdir /dev/cpuset/$1\n"
3136 #. ================== Memory Pressure ==================
3138 #: build/C/man7/cpuset.7:509
3140 "As with other flag values below, this flag can be changed by writing an "
3141 "ASCII number 0 or 1 (with optional trailing newline) into the file, to "
3142 "clear or set the flag, respectively."
3146 #: build/C/man7/cpuset.7:509
3148 msgid "Memory pressure"
3152 #: build/C/man7/cpuset.7:515
3154 "The I<memory_pressure> of a cpuset provides a simple per-cpuset running "
3155 "average of the rate that the processes in a cpuset are attempting to free up "
3156 "in-use memory on the nodes of the cpuset to satisfy additional memory "
3161 #: build/C/man7/cpuset.7:519
3163 "This enables batch managers that are monitoring jobs running in dedicated "
3164 "cpusets to efficiently detect what level of memory pressure that job is "
3169 #: build/C/man7/cpuset.7:526
3171 "This is useful both on tightly managed systems running a wide mix of "
3172 "submitted jobs, which may choose to terminate or reprioritize jobs that are "
3173 "trying to use more memory than allowed on the nodes assigned them, and with "
3174 "tightly coupled, long-running, massively parallel scientific computing jobs "
3175 "that will dramatically fail to meet required performance goals if they start "
3176 "to use more memory than allowed to them."
3180 #: build/C/man7/cpuset.7:531
3182 "This mechanism provides a very economical way for the batch manager to "
3183 "monitor a cpuset for signs of memory pressure. It's up to the batch manager "
3184 "or other user code to decide what action to take if it detects signs of "
3189 #: build/C/man7/cpuset.7:538
3191 "Unless memory pressure calculation is enabled by setting the pseudo-file "
3192 "I</dev/cpuset/cpuset.memory_pressure_enabled>, it is not computed for any "
3193 "cpuset, and reads from any I<memory_pressure> always return zero, as "
3194 "represented by the ASCII string \"0\\en\". See the B<WARNINGS> section, "
3199 #: build/C/man7/cpuset.7:540
3200 msgid "A per-cpuset, running average is employed for the following reasons:"
3204 #: build/C/man7/cpuset.7:545
3206 "Because this meter is per-cpuset rather than per-process or per virtual "
3207 "memory region, the system load imposed by a batch scheduler monitoring this "
3208 "metric is sharply reduced on large systems, because a scan of the tasklist "
3209 "can be avoided on each set of queries."
3213 #: build/C/man7/cpuset.7:550
3215 "Because this meter is a running average rather than an accumulating counter, "
3216 "a batch scheduler can detect memory pressure with a single read, instead of "
3217 "having to read and accumulate results for a period of time."
3221 #: build/C/man7/cpuset.7:556
3223 "Because this meter is per-cpuset rather than per-process, the batch "
3224 "scheduler can obtain the key information\\(emmemory pressure in a "
3225 "cpuset\\(emwith a single read, rather than having to query and accumulate "
3226 "results over all the (dynamically changing) set of processes in the cpuset."
3230 #: build/C/man7/cpuset.7:564
3232 "The I<memory_pressure> of a cpuset is calculated using a per-cpuset simple "
3233 "digital filter that is kept within the kernel. For each cpuset, this filter "
3234 "tracks the recent rate at which processes attached to that cpuset enter the "
3235 "kernel direct reclaim code."
3239 #: build/C/man7/cpuset.7:573
3241 "The kernel direct reclaim code is entered whenever a process has to satisfy "
3242 "a memory page request by first finding some other page to repurpose, due to "
3243 "lack of any readily available already free pages. Dirty filesystem pages "
3244 "are repurposed by first writing them to disk. Unmodified filesystem buffer "
3245 "pages are repurposed by simply dropping them, though if that page is needed "
3246 "again, it will have to be reread from disk."
3249 #. ================== Memory Spread ==================
3251 #: build/C/man7/cpuset.7:581
3253 "The I<cpuset.memory_pressure> file provides an integer number representing "
3254 "the recent (half-life of 10 seconds) rate of entries to the direct reclaim "
3255 "code caused by any process in the cpuset, in units of reclaims attempted per "
3256 "second, times 1000."
3260 #: build/C/man7/cpuset.7:581
3262 msgid "Memory spread"
3266 #: build/C/man7/cpuset.7:589
3268 "There are two Boolean flag files per cpuset that control where the kernel "
3269 "allocates pages for the filesystem buffers and related in-kernel data "
3270 "structures. They are called I<cpuset.memory_spread_page> and "
3271 "I<cpuset.memory_spread_slab>."
3275 #: build/C/man7/cpuset.7:596
3277 "If the per-cpuset Boolean flag file I<cpuset.memory_spread_page> is set, "
3278 "then the kernel will spread the filesystem buffers (page cache) evenly over "
3279 "all the nodes that the faulting process is allowed to use, instead of "
3280 "preferring to put those pages on the node where the process is running."
3284 #: build/C/man7/cpuset.7:604
3286 "If the per-cpuset Boolean flag file I<cpuset.memory_spread_slab> is set, "
3287 "then the kernel will spread some filesystem-related slab caches, such as "
3288 "those for inodes and directory entries, evenly over all the nodes that the "
3289 "faulting process is allowed to use, instead of preferring to put those pages "
3290 "on the node where the process is running."
3294 #: build/C/man7/cpuset.7:609
3296 "The setting of these flags does not affect the data segment (see B<brk>(2)) "
3297 "or stack segment pages of a process."
3301 #: build/C/man7/cpuset.7:617
3303 "By default, both kinds of memory spreading are off and the kernel prefers to "
3304 "allocate memory pages on the node local to where the requesting process is "
3305 "running. If that node is not allowed by the process's NUMA memory policy or "
3306 "cpuset configuration or if there are insufficient free memory pages on that "
3307 "node, then the kernel looks for the nearest node that is allowed and has "
3308 "sufficient free memory."
3312 #: build/C/man7/cpuset.7:620
3314 "When new cpusets are created, they inherit the memory spread settings of "
3319 #: build/C/man7/cpuset.7:635
3321 "Setting memory spreading causes allocations for the affected page or slab "
3322 "caches to ignore the process's NUMA memory policy and be spread instead. "
3323 "However, the effect of these changes in memory placement caused by "
3324 "cpuset-specified memory spreading is hidden from the B<mbind>(2) or "
3325 "B<set_mempolicy>(2) calls. These two NUMA memory policy calls always "
3326 "appear to behave as if no cpuset-specified memory spreading is in effect, "
3327 "even if it is. If cpuset memory spreading is subsequently turned off, the "
3328 "NUMA memory policy most recently specified by these calls is automatically "
3333 #: build/C/man7/cpuset.7:644
3335 "Both I<cpuset.memory_spread_page> and I<cpuset.memory_spread_slab> are "
3336 "Boolean flag files. By default they contain \"0\", meaning that the feature "
3337 "is off for that cpuset. If a \"1\" is written to that file, that turns the "
3342 #: build/C/man7/cpuset.7:647
3344 "Cpuset-specified memory spreading behaves similarly to what is known (in "
3345 "other contexts) as round-robin or interleave memory placement."
3349 #: build/C/man7/cpuset.7:650
3351 "Cpuset-specified memory spreading can provide substantial performance "
3352 "improvements for jobs that:"
3356 #: build/C/man7/cpuset.7:650
3362 #: build/C/man7/cpuset.7:654
3364 "need to place thread-local data on memory nodes close to the CPUs which are "
3365 "running the threads that most frequently access that data; but also"
3369 #: build/C/man7/cpuset.7:654
3375 #: build/C/man7/cpuset.7:657
3377 "need to access large filesystem data sets that must to be spread across the "
3378 "several nodes in the job's cpuset in order to fit."
3381 #. ================== Memory Migration ==================
3383 #: build/C/man7/cpuset.7:664
3385 "Without this policy, the memory allocation across the nodes in the job's "
3386 "cpuset can become very uneven, especially for jobs that might have just a "
3387 "single thread initializing or reading in the data set."
3391 #: build/C/man7/cpuset.7:664
3393 msgid "Memory migration"
3397 #: build/C/man7/cpuset.7:673
3399 "Normally, under the default setting (disabled) of I<cpuset.memory_migrate>, "
3400 "once a page is allocated (given a physical page of main memory), then that "
3401 "page stays on whatever node it was allocated, so long as it remains "
3402 "allocated, even if the cpuset's memory-placement policy I<mems> subsequently "
3407 #: build/C/man7/cpuset.7:679
3409 "When memory migration is enabled in a cpuset, if the I<mems> setting of the "
3410 "cpuset is changed, then any memory page in use by any process in the cpuset "
3411 "that is on a memory node that is no longer allowed will be migrated to a "
3412 "memory node that is allowed."
3416 #: build/C/man7/cpuset.7:685
3418 "Furthermore, if a process is moved into a cpuset with I<memory_migrate> "
3419 "enabled, any memory pages it uses that were on memory nodes allowed in its "
3420 "previous cpuset, but which are not allowed in its new cpuset, will be "
3421 "migrated to a memory node allowed in the new cpuset."
3424 #. ================== Scheduler Load Balancing ==================
3426 #: build/C/man7/cpuset.7:693
3428 "The relative placement of a migrated page within the cpuset is preserved "
3429 "during these migration operations if possible. For example, if the page was "
3430 "on the second valid node of the prior cpuset, then the page will be placed "
3431 "on the second valid node of the new cpuset, if possible."
3435 #: build/C/man7/cpuset.7:693
3437 msgid "Scheduler load balancing"
3441 #: build/C/man7/cpuset.7:700
3443 "The kernel scheduler automatically load balances processes. If one CPU is "
3444 "underutilized, the kernel will look for processes on other more overloaded "
3445 "CPUs and move those processes to the underutilized CPU, within the "
3446 "constraints of such placement mechanisms as cpusets and "
3447 "B<sched_setaffinity>(2)."
3451 #: build/C/man7/cpuset.7:713
3453 "The algorithmic cost of load balancing and its impact on key shared kernel "
3454 "data structures such as the process list increases more than linearly with "
3455 "the number of CPUs being balanced. For example, it costs more to load "
3456 "balance across one large set of CPUs than it does to balance across two "
3457 "smaller sets of CPUs, each of half the size of the larger set. (The precise "
3458 "relationship between the number of CPUs being balanced and the cost of load "
3459 "balancing depends on implementation details of the kernel process scheduler, "
3460 "which is subject to change over time, as improved kernel scheduler "
3461 "algorithms are implemented.)"
3465 #: build/C/man7/cpuset.7:719
3467 "The per-cpuset flag I<sched_load_balance> provides a mechanism to suppress "
3468 "this automatic scheduler load balancing in cases where it is not needed and "
3469 "suppressing it would have worthwhile performance benefits."
3473 #: build/C/man7/cpuset.7:723
3475 "By default, load balancing is done across all CPUs, except those marked "
3476 "isolated using the kernel boot time \"isolcpus=\" argument. (See "
3477 "B<Scheduler Relax Domain Level>, below, to change this default.)"
3481 #: build/C/man7/cpuset.7:726
3483 "This default load balancing across all CPUs is not well suited to the "
3484 "following two situations:"
3488 #: build/C/man7/cpuset.7:730
3490 "On large systems, load balancing across many CPUs is expensive. If the "
3491 "system is managed using cpusets to place independent jobs on separate sets "
3492 "of CPUs, full load balancing is unnecessary."
3496 #: build/C/man7/cpuset.7:734
3498 "Systems supporting real-time on some CPUs need to minimize system overhead "
3499 "on those CPUs, including avoiding process load balancing if that is not "
3504 #: build/C/man7/cpuset.7:744
3506 "When the per-cpuset flag I<sched_load_balance> is enabled (the default "
3507 "setting), it requests load balancing across all the CPUs in that cpuset's "
3508 "allowed CPUs, ensuring that load balancing can move a process (not otherwise "
3509 "pinned, as by B<sched_setaffinity>(2)) from any CPU in that cpuset to any "
3514 #: build/C/man7/cpuset.7:753
3516 "When the per-cpuset flag I<sched_load_balance> is disabled, then the "
3517 "scheduler will avoid load balancing across the CPUs in that cpuset, "
3518 "I<except> in so far as is necessary because some overlapping cpuset has "
3519 "I<sched_load_balance> enabled."
3523 #: build/C/man7/cpuset.7:761
3525 "So, for example, if the top cpuset has the flag I<sched_load_balance> "
3526 "enabled, then the scheduler will load balance across all CPUs, and the "
3527 "setting of the I<sched_load_balance> flag in other cpusets has no effect, as "
3528 "we're already fully load balancing."
3532 #: build/C/man7/cpuset.7:766
3534 "Therefore in the above two situations, the flag I<sched_load_balance> should "
3535 "be disabled in the top cpuset, and only some of the smaller, child cpusets "
3536 "would have this flag enabled."
3540 #: build/C/man7/cpuset.7:774
3542 "When doing this, you don't usually want to leave any unpinned processes in "
3543 "the top cpuset that might use nontrivial amounts of CPU, as such processes "
3544 "may be artificially constrained to some subset of CPUs, depending on the "
3545 "particulars of this flag setting in descendant cpusets. Even if such a "
3546 "process could use spare CPU cycles in some other CPUs, the kernel scheduler "
3547 "might not consider the possibility of load balancing that process to the "
3551 #. ================== Scheduler Relax Domain Level ==================
3553 #: build/C/man7/cpuset.7:780
3555 "Of course, processes pinned to a particular CPU can be left in a cpuset that "
3556 "disables I<sched_load_balance> as those processes aren't going anywhere else "
3561 #: build/C/man7/cpuset.7:780
3563 msgid "Scheduler relax domain level"
3567 #: build/C/man7/cpuset.7:801
3569 "The kernel scheduler performs immediate load balancing whenever a CPU "
3570 "becomes free or another task becomes runnable. This load balancing works to "
3571 "ensure that as many CPUs as possible are usefully employed running tasks. "
3572 "The kernel also performs periodic load balancing off the software clock "
3573 "described in B<time>(7). The setting of I<sched_relax_domain_level> applies "
3574 "only to immediate load balancing. Regardless of the "
3575 "I<sched_relax_domain_level> setting, periodic load balancing is attempted "
3576 "over all CPUs (unless disabled by turning off I<sched_load_balance>.) In "
3577 "any case, of course, tasks will be scheduled to run only on CPUs allowed by "
3578 "their cpuset, as modified by B<sched_setaffinity>(2) system calls."
3582 #: build/C/man7/cpuset.7:809
3584 "On small systems, such as those with just a few CPUs, immediate load "
3585 "balancing is useful to improve system interactivity and to minimize wasteful "
3586 "idle CPU cycles. But on large systems, attempting immediate load balancing "
3587 "across a large number of CPUs can be more costly than it is worth, depending "
3588 "on the particular performance characteristics of the job mix and the "
3593 #: build/C/man7/cpuset.7:817
3595 "The exact meaning of the small integer values of I<sched_relax_domain_level> "
3596 "will depend on internal implementation details of the kernel scheduler code "
3597 "and on the non-uniform architecture of the hardware. Both of these will "
3598 "evolve over time and vary by system architecture and kernel version."
3602 #: build/C/man7/cpuset.7:822
3604 "As of this writing, when this capability was introduced in Linux 2.6.26, on "
3605 "certain popular architectures, the positive values of "
3606 "I<sched_relax_domain_level> have the following meanings."
3610 #: build/C/man7/cpuset.7:824
3616 #: build/C/man7/cpuset.7:827
3618 "Perform immediate load balancing across Hyper-Thread siblings on the same "
3623 #: build/C/man7/cpuset.7:827
3629 #: build/C/man7/cpuset.7:829
3630 msgid "Perform immediate load balancing across other cores in the same package."
3634 #: build/C/man7/cpuset.7:829
3640 #: build/C/man7/cpuset.7:832
3642 "Perform immediate load balancing across other CPUs on the same node or "
3647 #: build/C/man7/cpuset.7:832
3653 #: build/C/man7/cpuset.7:835
3655 "Perform immediate load balancing across over several (implementation detail) "
3656 "nodes [On NUMA systems]."
3660 #: build/C/man7/cpuset.7:835
3666 #: build/C/man7/cpuset.7:838
3668 "Perform immediate load balancing across over all CPUs in system [On NUMA "
3673 #: build/C/man7/cpuset.7:847
3675 "The I<sched_relax_domain_level> value of zero (0) always means don't perform "
3676 "immediate load balancing, hence that load balancing is done only "
3677 "periodically, not immediately when a CPU becomes available or another task "
3682 #: build/C/man7/cpuset.7:855
3684 "The I<sched_relax_domain_level> value of minus one (-1) always means use "
3685 "the system default value. The system default value can vary by architecture "
3686 "and kernel version. This system default value can be changed by kernel "
3687 "boot-time \"relax_domain_level=\" argument."
3691 #: build/C/man7/cpuset.7:863
3693 "In the case of multiple overlapping cpusets which have conflicting "
3694 "I<sched_relax_domain_level> values, then the highest such value applies to "
3695 "all CPUs in any of the overlapping cpusets. In such cases, the value "
3696 "B<minus one (-1)> is the lowest value, overridden by any other value, and "
3697 "the value B<zero (0)> is the next lowest value."
3701 #: build/C/man7/cpuset.7:863
3706 #. ================== Mask Format ==================
3708 #: build/C/man7/cpuset.7:867
3709 msgid "The following formats are used to represent sets of CPUs and memory nodes."
3713 #: build/C/man7/cpuset.7:867
3719 #: build/C/man7/cpuset.7:872
3721 "The B<Mask Format> is used to represent CPU and memory-node bit masks in the "
3722 "I</proc/E<lt>pidE<gt>/status> file."
3726 #: build/C/man7/cpuset.7:880
3728 "This format displays each 32-bit word in hexadecimal (using ASCII characters "
3729 "\"0\" - \"9\" and \"a\" - \"f\"); words are filled with leading zeros, if "
3730 "required. For masks longer than one word, a comma separator is used between "
3731 "words. Words are displayed in big-endian order, which has the most "
3732 "significant bit first. The hex digits within a word are also in big-endian "
3737 #: build/C/man7/cpuset.7:883
3739 "The number of 32-bit words displayed is the minimum number needed to display "
3740 "all bits of the bit mask, based on the size of the bit mask."
3744 #: build/C/man7/cpuset.7:885
3745 msgid "Examples of the B<Mask Format>:"
3749 #: build/C/man7/cpuset.7:893
3752 "00000001 # just bit 0 set\n"
3753 "40000000,00000000,00000000 # just bit 94 set\n"
3754 "00000001,00000000,00000000 # just bit 64 set\n"
3755 "000000ff,00000000 # bits 32-39 set\n"
3756 "00000000,000E3862 # 1,5,6,11-13,17-19 set\n"
3760 #: build/C/man7/cpuset.7:897
3761 msgid "A mask with bits 0, 1, 2, 4, 8, 16, 32, and 64 set displays as:"
3765 #: build/C/man7/cpuset.7:901
3767 msgid "00000001,00000001,00010117\n"
3770 #. ================== List Format ==================
3772 #: build/C/man7/cpuset.7:908
3774 "The first \"1\" is for bit 64, the second for bit 32, the third for bit 16, "
3775 "the fourth for bit 8, the fifth for bit 4, and the \"7\" is for bits 2, 1, "
3780 #: build/C/man7/cpuset.7:908
3786 #: build/C/man7/cpuset.7:915
3788 "The B<List Format> for I<cpus> and I<mems> is a comma-separated list of CPU "
3789 "or memory-node numbers and ranges of numbers, in ASCII decimal."
3793 #: build/C/man7/cpuset.7:917
3794 msgid "Examples of the B<List Format>:"
3798 #: build/C/man7/cpuset.7:922
3801 "0-4,9 # bits 0, 1, 2, 3, 4, and 9 set\n"
3802 "0-2,7,12-14 # bits 0, 1, 2, 7, 12, 13, and 14 set\n"
3805 #. ================== RULES ==================
3807 #: build/C/man7/cpuset.7:925
3813 #: build/C/man7/cpuset.7:927
3814 msgid "The following rules apply to each cpuset:"
3818 #: build/C/man7/cpuset.7:930
3820 "Its CPUs and memory nodes must be a (possibly equal) subset of its "
3825 #: build/C/man7/cpuset.7:934
3826 msgid "It can be marked I<cpu_exclusive> only if its parent is."
3830 #: build/C/man7/cpuset.7:938
3831 msgid "It can be marked I<mem_exclusive> only if its parent is."
3835 #: build/C/man7/cpuset.7:942
3836 msgid "If it is I<cpu_exclusive>, its CPUs may not overlap any sibling."
3839 #. ================== PERMISSIONS ==================
3841 #: build/C/man7/cpuset.7:947
3842 msgid "If it is I<memory_exclusive>, its memory nodes may not overlap any sibling."
3846 #: build/C/man7/cpuset.7:947
3852 #: build/C/man7/cpuset.7:952
3854 "The permissions of a cpuset are determined by the permissions of the "
3855 "directories and pseudo-files in the cpuset filesystem, normally mounted at "
3860 #: build/C/man7/cpuset.7:961
3862 "For instance, a process can put itself in some other cpuset (than its "
3863 "current one) if it can write the I<tasks> file for that cpuset. This "
3864 "requires execute permission on the encompassing directories and write "
3865 "permission on the I<tasks> file."
3869 #: build/C/man7/cpuset.7:968
3871 "An additional constraint is applied to requests to place some other process "
3872 "in a cpuset. One process may not attach another to a cpuset unless it would "
3873 "have permission to send that process a signal (see B<kill>(2))."
3877 #: build/C/man7/cpuset.7:979
3879 "A process may create a child cpuset if it can access and write the parent "
3880 "cpuset directory. It can modify the CPUs or memory nodes in a cpuset if it "
3881 "can access that cpuset's directory (execute permissions on the each of the "
3882 "parent directories) and write the corresponding I<cpus> or I<mems> file."
3886 #: build/C/man7/cpuset.7:1000
3888 "There is one minor difference between the manner in which these permissions "
3889 "are evaluated and the manner in which normal filesystem operation "
3890 "permissions are evaluated. The kernel interprets relative pathnames "
3891 "starting at a process's current working directory. Even if one is operating "
3892 "on a cpuset file, relative pathnames are interpreted relative to the "
3893 "process's current working directory, not relative to the process's current "
3894 "cpuset. The only ways that cpuset paths relative to a process's current "
3895 "cpuset can be used are if either the process's current working directory is "
3896 "its cpuset (it first did a B<cd> or B<chdir>(2) to its cpuset directory "
3897 "beneath I</dev/cpuset>, which is a bit unusual) or if some user code "
3898 "converts the relative cpuset path to a full filesystem path."
3901 #. ================== WARNINGS ==================
3903 #: build/C/man7/cpuset.7:1015
3905 "In theory, this means that user code should specify cpusets using absolute "
3906 "pathnames, which requires knowing the mount point of the cpuset filesystem "
3907 "(usually, but not necessarily, I</dev/cpuset>). In practice, all user level "
3908 "code that this author is aware of simply assumes that if the cpuset "
3909 "filesystem is mounted, then it is mounted at I</dev/cpuset>. Furthermore, "
3910 "it is common practice for carefully written user code to verify the presence "
3911 "of the pseudo-file I</dev/cpuset/tasks> in order to verify that the cpuset "
3912 "pseudo-filesystem is currently mounted."
3916 #: build/C/man7/cpuset.7:1015
3922 #: build/C/man7/cpuset.7:1016
3924 msgid "Enabling memory_pressure"
3928 #: build/C/man7/cpuset.7:1025
3930 "By default, the per-cpuset file I<cpuset.memory_pressure> always contains "
3931 "zero (0). Unless this feature is enabled by writing \"1\" to the "
3932 "pseudo-file I</dev/cpuset/cpuset.memory_pressure_enabled>, the kernel does "
3933 "not compute per-cpuset I<memory_pressure>."
3937 #: build/C/man7/cpuset.7:1025
3939 msgid "Using the echo command"
3942 #. Gack! csh(1)'s echo does this
3944 #: build/C/man7/cpuset.7:1036
3946 "When using the B<echo> command at the shell prompt to change the values of "
3947 "cpuset files, beware that the built-in B<echo> command in some shells does "
3948 "not display an error message if the B<write>(2) system call fails. For "
3949 "example, if the command:"
3953 #: build/C/man7/cpuset.7:1040
3955 msgid "echo 19 E<gt> cpuset.mems\n"
3959 #: build/C/man7/cpuset.7:1053
3961 "failed because memory node 19 was not allowed (perhaps the current system "
3962 "does not have a memory node 19), then the B<echo> command might not display "
3963 "any error. It is better to use the B</bin/echo> external command to change "
3964 "cpuset file settings, as this command will display B<write>(2) errors, as "
3969 #: build/C/man7/cpuset.7:1058
3972 "/bin/echo 19 E<gt> cpuset.mems\n"
3973 "/bin/echo: write error: Invalid argument\n"
3976 #. ================== EXCEPTIONS ==================
3978 #: build/C/man7/cpuset.7:1061
3984 #: build/C/man7/cpuset.7:1062
3986 msgid "Memory placement"
3990 #: build/C/man7/cpuset.7:1065
3992 "Not all allocations of system memory are constrained by cpusets, for the "
3993 "following reasons."
3997 #: build/C/man7/cpuset.7:1080
3999 "If hot-plug functionality is used to remove all the CPUs that are currently "
4000 "assigned to a cpuset, then the kernel will automatically update the "
4001 "I<cpus_allowed> of all processes attached to CPUs in that cpuset to allow "
4002 "all CPUs. When memory hot-plug functionality for removing memory nodes is "
4003 "available, a similar exception is expected to apply there as well. In "
4004 "general, the kernel prefers to violate cpuset placement, rather than "
4005 "starving a process that has had all its allowed CPUs or memory nodes taken "
4006 "offline. User code should reconfigure cpusets to refer only to online CPUs "
4007 "and memory nodes when using hot-plug to add or remove such resources."
4011 #: build/C/man7/cpuset.7:1088
4013 "A few kernel-critical, internal memory-allocation requests, marked "
4014 "GFP_ATOMIC, must be satisfied immediately. The kernel may drop some request "
4015 "or malfunction if one of these allocations fail. If such a request cannot "
4016 "be satisfied within the current process's cpuset, then we relax the cpuset, "
4017 "and look for memory anywhere we can find it. It's better to violate the "
4018 "cpuset than stress the kernel."
4022 #: build/C/man7/cpuset.7:1092
4024 "Allocations of memory requested by kernel drivers while processing an "
4025 "interrupt lack any relevant process context, and are not confined by "
4030 #: build/C/man7/cpuset.7:1092
4032 msgid "Renaming cpusets"
4035 #. ================== ERRORS ==================
4037 #: build/C/man7/cpuset.7:1100
4039 "You can use the B<rename>(2) system call to rename cpusets. Only simple "
4040 "renaming is supported; that is, changing the name of a cpuset directory is "
4041 "permitted, but moving a directory into a different directory is not "
4046 #: build/C/man7/cpuset.7:1104
4048 "The Linux kernel implementation of cpusets sets I<errno> to specify the "
4049 "reason for a failed system call affecting cpusets."
4053 #: build/C/man7/cpuset.7:1109
4055 "The possible I<errno> settings and their meaning when set on a failed cpuset "
4056 "call are as listed below."
4060 #: build/C/man7/cpuset.7:1109
4066 #: build/C/man7/cpuset.7:1116
4068 "Attempted a B<write>(2) on a special cpuset file with a length larger than "
4069 "some kernel-determined upper limit on the length of such writes."
4073 #: build/C/man7/cpuset.7:1123
4075 "Attempted to B<write>(2) the process ID (PID) of a process to a cpuset "
4076 "I<tasks> file when one lacks permission to move that process."
4080 #: build/C/man7/cpuset.7:1129
4082 "Attempted to add, using B<write>(2), a CPU or memory node to a cpuset, when "
4083 "that CPU or memory node was not already in its parent."
4087 #: build/C/man7/cpuset.7:1137
4089 "Attempted to set, using B<write>(2), I<cpuset.cpu_exclusive> or "
4090 "I<cpuset.mem_exclusive> on a cpuset whose parent lacks the same setting."
4094 #: build/C/man7/cpuset.7:1144
4095 msgid "Attempted to B<write>(2) a I<cpuset.memory_pressure> file."
4099 #: build/C/man7/cpuset.7:1147
4100 msgid "Attempted to create a file in a cpuset directory."
4104 #: build/C/man7/cpuset.7:1147 build/C/man7/cpuset.7:1152 build/C/man7/cpuset.7:1157
4110 #: build/C/man7/cpuset.7:1152
4111 msgid "Attempted to remove, using B<rmdir>(2), a cpuset with attached processes."
4115 #: build/C/man7/cpuset.7:1157
4116 msgid "Attempted to remove, using B<rmdir>(2), a cpuset with child cpusets."
4120 #: build/C/man7/cpuset.7:1162
4122 "Attempted to remove a CPU or memory node from a cpuset that is also in a "
4123 "child of that cpuset."
4127 #: build/C/man7/cpuset.7:1162 build/C/man7/cpuset.7:1167
4133 #: build/C/man7/cpuset.7:1167
4134 msgid "Attempted to create, using B<mkdir>(2), a cpuset that already exists."
4138 #: build/C/man7/cpuset.7:1172
4139 msgid "Attempted to B<rename>(2) a cpuset to a name that already exists."
4143 #: build/C/man7/cpuset.7:1180
4145 "Attempted to B<read>(2) or B<write>(2) a cpuset file using a buffer that "
4146 "is outside the writing processes accessible address space."
4150 #: build/C/man7/cpuset.7:1189
4152 "Attempted to change a cpuset, using B<write>(2), in a way that would violate "
4153 "a I<cpu_exclusive> or I<mem_exclusive> attribute of that cpuset or any of "
4158 #: build/C/man7/cpuset.7:1198
4160 "Attempted to B<write>(2) an empty I<cpuset.cpus> or I<cpuset.mems> list to "
4161 "a cpuset which has attached processes or child cpusets."
4165 #: build/C/man7/cpuset.7:1208
4167 "Attempted to B<write>(2) a I<cpuset.cpus> or I<cpuset.mems> list which "
4168 "included a range with the second number smaller than the first number."
4172 #: build/C/man7/cpuset.7:1217
4174 "Attempted to B<write>(2) a I<cpuset.cpus> or I<cpuset.mems> list which "
4175 "included an invalid character in the string."
4179 #: build/C/man7/cpuset.7:1224
4181 "Attempted to B<write>(2) a list to a I<cpuset.cpus> file that did not "
4182 "include any online CPUs."
4186 #: build/C/man7/cpuset.7:1231
4188 "Attempted to B<write>(2) a list to a I<cpuset.mems> file that did not "
4189 "include any online memory nodes."
4193 #: build/C/man7/cpuset.7:1238
4195 "Attempted to B<write>(2) a list to a I<cpuset.mems> file that included a "
4196 "node that held no memory."
4200 #: build/C/man7/cpuset.7:1246
4202 "Attempted to B<write>(2) a string to a cpuset I<tasks> file that does not "
4203 "begin with an ASCII decimal integer."
4207 #: build/C/man7/cpuset.7:1251
4208 msgid "Attempted to B<rename>(2) a cpuset into a different directory."
4212 #: build/C/man7/cpuset.7:1258
4214 "Attempted to B<read>(2) a I</proc/E<lt>pidE<gt>/cpuset> file for a cpuset "
4215 "path that is longer than the kernel page size."
4219 #: build/C/man7/cpuset.7:1263
4221 "Attempted to create, using B<mkdir>(2), a cpuset whose base directory name "
4222 "is longer than 255 characters."
4226 #: build/C/man7/cpuset.7:1270
4228 "Attempted to create, using B<mkdir>(2), a cpuset whose full pathname, "
4229 "including the mount point (typically \"/dev/cpuset/\") prefix, is longer "
4230 "than 4095 characters."
4234 #: build/C/man7/cpuset.7:1270
4240 #: build/C/man7/cpuset.7:1275
4242 "The cpuset was removed by another process at the same time as a B<write>(2) "
4243 "was attempted on one of the pseudo-files in the cpuset directory."
4247 #: build/C/man7/cpuset.7:1280
4249 "Attempted to create, using B<mkdir>(2), a cpuset in a parent cpuset that "
4254 #: build/C/man7/cpuset.7:1287
4256 "Attempted to B<access>(2) or B<open>(2) a nonexistent file in a cpuset "
4261 #: build/C/man7/cpuset.7:1292
4263 "Insufficient memory is available within the kernel; can occur on a variety "
4264 "of system calls affecting cpusets, but only if the system is extremely short "
4269 #: build/C/man7/cpuset.7:1292 build/C/man7/cpuset.7:1304
4275 #: build/C/man7/cpuset.7:1304
4277 "Attempted to B<write>(2) the process ID (PID) of a process to a cpuset "
4278 "I<tasks> file when the cpuset had an empty I<cpuset.cpus> or empty "
4279 "I<cpuset.mems> setting."
4283 #: build/C/man7/cpuset.7:1314
4285 "Attempted to B<write>(2) an empty I<cpuset.cpus> or I<cpuset.mems> setting "
4286 "to a cpuset that has tasks attached."
4290 #: build/C/man7/cpuset.7:1319
4291 msgid "Attempted to B<rename>(2) a nonexistent cpuset."
4295 #: build/C/man7/cpuset.7:1322
4296 msgid "Attempted to remove a file from a cpuset directory."
4300 #: build/C/man7/cpuset.7:1322
4306 #: build/C/man7/cpuset.7:1330
4308 "Specified a I<cpuset.cpus> or I<cpuset.mems> list to the kernel which "
4309 "included a number too large for the kernel to set in its bit masks."
4312 #. ================== VERSIONS ==================
4314 #: build/C/man7/cpuset.7:1338
4316 "Attempted to B<write>(2) the process ID (PID) of a nonexistent process to a "
4317 "cpuset I<tasks> file."
4320 #. ================== NOTES ==================
4322 #: build/C/man7/cpuset.7:1341
4323 msgid "Cpusets appeared in version 2.6.12 of the Linux kernel."
4326 #. ================== BUGS ==================
4328 #: build/C/man7/cpuset.7:1352
4330 "Despite its name, the I<pid> parameter is actually a thread ID, and each "
4331 "thread in a threaded group can be attached to a different cpuset. The value "
4332 "returned from a call to B<gettid>(2) can be passed in the argument I<pid>."
4336 #: build/C/man7/cpuset.7:1352 build/C/man2/getpriority.2:225 build/C/man2/getrlimit.2:535 build/C/man2/ioprio_set.2:337 build/C/man2/setfsgid.2:106 build/C/man2/setfsuid.2:114
4341 #. ================== EXAMPLE ==================
4343 #: build/C/man7/cpuset.7:1365
4345 "I<cpuset.memory_pressure> cpuset files can be opened for writing, creation, "
4346 "or truncation, but then the B<write>(2) fails with I<errno> set to "
4347 "B<EACCES>, and the creation and truncation options on B<open>(2) have no "
4352 #: build/C/man7/cpuset.7:1365 build/C/man2/getrlimit.2:610
4358 #: build/C/man7/cpuset.7:1368
4360 "The following examples demonstrate querying and setting cpuset options using "
4365 #: build/C/man7/cpuset.7:1368
4367 msgid "Creating and attaching to a cpuset."
4371 #: build/C/man7/cpuset.7:1371
4373 "To create a new cpuset and attach the current command shell to it, the steps "
4378 #: build/C/man7/cpuset.7:1373 build/C/man7/cpuset.7:1412
4384 #: build/C/man7/cpuset.7:1375
4385 msgid "mkdir /dev/cpuset (if not already done)"
4389 #: build/C/man7/cpuset.7:1375 build/C/man7/cpuset.7:1418
4395 #: build/C/man7/cpuset.7:1377
4396 msgid "mount -t cpuset none /dev/cpuset (if not already done)"
4400 #: build/C/man7/cpuset.7:1377 build/C/man7/cpuset.7:1421
4406 #: build/C/man7/cpuset.7:1380
4407 msgid "Create the new cpuset using B<mkdir>(1)."
4411 #: build/C/man7/cpuset.7:1380 build/C/man7/cpuset.7:1424
4417 #: build/C/man7/cpuset.7:1382
4418 msgid "Assign CPUs and memory nodes to the new cpuset."
4422 #: build/C/man7/cpuset.7:1382 build/C/man7/cpuset.7:1429
4428 #: build/C/man7/cpuset.7:1384
4429 msgid "Attach the shell to the new cpuset."
4433 #: build/C/man7/cpuset.7:1389
4435 "For example, the following sequence of commands will set up a cpuset named "
4436 "\"Charlie\", containing just CPUs 2 and 3, and memory node 1, and then "
4437 "attach the current shell to that cpuset."
4441 #: build/C/man7/cpuset.7:1403
4444 "$B< mkdir /dev/cpuset>\n"
4445 "$B< mount -t cpuset cpuset /dev/cpuset>\n"
4446 "$B< cd /dev/cpuset>\n"
4447 "$B< mkdir Charlie>\n"
4449 "$B< /bin/echo 2-3 E<gt> cpuset.cpus>\n"
4450 "$B< /bin/echo 1 E<gt> cpuset.mems>\n"
4451 "$B< /bin/echo $$ E<gt> tasks>\n"
4452 "# The current shell is now running in cpuset Charlie\n"
4453 "# The next line should display '/Charlie'\n"
4454 "$B< cat /proc/self/cpuset>\n"
4458 #: build/C/man7/cpuset.7:1405
4460 msgid "Migrating a job to different memory nodes."
4464 #: build/C/man7/cpuset.7:1410
4466 "To migrate a job (the set of processes attached to a cpuset) to different "
4467 "CPUs and memory nodes in the system, including moving the memory pages "
4468 "currently allocated to that job, perform the following steps."
4472 #: build/C/man7/cpuset.7:1418
4474 "Let's say we want to move the job in cpuset I<alpha> (CPUs 4-7 and memory "
4475 "nodes 2-3) to a new cpuset I<beta> (CPUs 16-19 and memory nodes 8-9)."
4479 #: build/C/man7/cpuset.7:1421
4480 msgid "First create the new cpuset I<beta>."
4484 #: build/C/man7/cpuset.7:1424
4485 msgid "Then allow CPUs 16-19 and memory nodes 8-9 in I<beta>."
4489 #: build/C/man7/cpuset.7:1429
4490 msgid "Then enable I<memory_migration> in I<beta>."
4494 #: build/C/man7/cpuset.7:1434
4495 msgid "Then move each process from I<alpha> to I<beta>."
4499 #: build/C/man7/cpuset.7:1437
4500 msgid "The following sequence of commands accomplishes this."
4504 #: build/C/man7/cpuset.7:1447
4507 "$B< cd /dev/cpuset>\n"
4510 "$B< /bin/echo 16-19 E<gt> cpuset.cpus>\n"
4511 "$B< /bin/echo 8-9 E<gt> cpuset.mems>\n"
4512 "$B< /bin/echo 1 E<gt> cpuset.memory_migrate>\n"
4513 "$B< while read i; do /bin/echo $i; done E<lt> ../alpha/tasks E<gt> tasks>\n"
4517 #: build/C/man7/cpuset.7:1456
4519 "The above should move any processes in I<alpha> to I<beta>, and any memory "
4520 "held by these processes on memory nodes 2-3 to memory nodes 8-9, "
4525 #: build/C/man7/cpuset.7:1458
4526 msgid "Notice that the last step of the above sequence did not do:"
4530 #: build/C/man7/cpuset.7:1462
4532 msgid "$B< cp ../alpha/tasks tasks>\n"
4536 #: build/C/man7/cpuset.7:1473
4538 "The I<while> loop, rather than the seemingly easier use of the B<cp>(1) "
4539 "command, was necessary because only one process PID at a time may be written "
4540 "to the I<tasks> file."
4544 #: build/C/man7/cpuset.7:1481
4546 "The same effect (writing one PID at a time) as the I<while> loop can be "
4547 "accomplished more efficiently, in fewer keystrokes and in syntax that works "
4548 "on any shell, but alas more obscurely, by using the B<-u> (unbuffered) "
4549 "option of B<sed>(1):"
4553 #: build/C/man7/cpuset.7:1485
4555 msgid "$B< sed -un p E<lt> ../alpha/tasks E<gt> tasks>\n"
4559 #: build/C/man7/cpuset.7:1503
4561 "B<taskset>(1), B<get_mempolicy>(2), B<getcpu>(2), B<mbind>(2), "
4562 "B<sched_getaffinity>(2), B<sched_setaffinity>(2), B<sched_setscheduler>(2), "
4563 "B<set_mempolicy>(2), B<CPU_SET>(3), B<proc>(5), B<numa>(7), B<sched>(7), "
4564 "B<migratepages>(8), B<numactl>(8)"
4568 #: build/C/man7/cpuset.7:1506
4569 msgid "I<Documentation/cpusets.txt> in the Linux kernel source tree"
4573 #: build/C/man7/credentials.7:27
4579 #: build/C/man7/credentials.7:30
4580 msgid "credentials - process identifiers"
4584 #: build/C/man7/credentials.7:31
4586 msgid "Process ID (PID)"
4590 #: build/C/man7/credentials.7:41
4592 "Each process has a unique nonnegative integer identifier that is assigned "
4593 "when the process is created using B<fork>(2). A process can obtain its PID "
4594 "using B<getpid>(2). A PID is represented using the type I<pid_t> (defined "
4595 "in I<E<lt>sys/types.hE<gt>>)."
4598 #. .BR sched_rr_get_interval (2),
4599 #. .BR sched_getaffinity (2),
4600 #. .BR sched_setaffinity (2),
4601 #. .BR sched_getparam (2),
4602 #. .BR sched_setparam (2),
4603 #. .BR sched_setscheduler (2),
4604 #. .BR sched_getscheduler (2),
4609 #: build/C/man7/credentials.7:62
4611 "PIDs are used in a range of system calls to identify the process affected by "
4612 "the call, for example: B<kill>(2), B<ptrace>(2), B<setpriority>(2) "
4613 "B<setpgid>(2), B<setsid>(2), B<sigqueue>(3), and B<waitpid>(2)."
4617 #: build/C/man7/credentials.7:65
4618 msgid "A process's PID is preserved across an B<execve>(2)."
4622 #: build/C/man7/credentials.7:65
4624 msgid "Parent process ID (PPID)"
4628 #: build/C/man7/credentials.7:73
4630 "A process's parent process ID identifies the process that created this "
4631 "process using B<fork>(2). A process can obtain its PPID using "
4632 "B<getppid>(2). A PPID is represented using the type I<pid_t>."
4636 #: build/C/man7/credentials.7:76
4637 msgid "A process's PPID is preserved across an B<execve>(2)."
4641 #: build/C/man7/credentials.7:76
4643 msgid "Process group ID and session ID"
4647 #: build/C/man7/credentials.7:84
4649 "Each process has a session ID and a process group ID, both represented using "
4650 "the type I<pid_t>. A process can obtain its session ID using B<getsid>(2), "
4651 "and its process group ID using B<getpgrp>(2)."
4655 #: build/C/man7/credentials.7:90
4657 "A child created by B<fork>(2) inherits its parent's session ID and process "
4658 "group ID. A process's session ID and process group ID are preserved across "
4663 #: build/C/man7/credentials.7:103
4665 "Sessions and process groups are abstractions devised to support shell job "
4666 "control. A process group (sometimes called a \"job\") is a collection of "
4667 "processes that share the same process group ID; the shell creates a new "
4668 "process group for the process(es) used to execute single command or pipeline "
4669 "(e.g., the two processes created to execute the command \"ls\\ |\\ wc\" are "
4670 "placed in the same process group). A process's group membership can be set "
4671 "using B<setpgid>(2). The process whose process ID is the same as its "
4672 "process group ID is the I<process group leader> for that group."
4676 #: build/C/man7/credentials.7:115
4678 "A session is a collection of processes that share the same session ID. All "
4679 "of the members of a process group also have the same session ID (i.e., all "
4680 "of the members of a process group always belong to the same session, so that "
4681 "sessions and process groups form a strict two-level hierarchy of processes.) "
4682 "A new session is created when a process calls B<setsid>(2), which creates a "
4683 "new session whose session ID is the same as the PID of the process that "
4684 "called B<setsid>(2). The creator of the session is called the I<session "
4689 #: build/C/man7/credentials.7:124
4691 "All of the processes in a session share a I<controlling terminal>. The "
4692 "controlling terminal is established when the session leader first opens a "
4693 "terminal (unless the B<O_NOCTTY> flag is specified when calling "
4694 "B<open>(2)). A terminal may be the controlling terminal of at most one "
4699 #: build/C/man7/credentials.7:146
4701 "At most one of the jobs in a session may be the I<foreground job>; other "
4702 "jobs in the session are I<background jobs>. Only the foreground job may "
4703 "read from the terminal; when a process in the background attempts to read "
4704 "from the terminal, its process group is sent a B<SIGTTIN> signal, which "
4705 "suspends the job. If the B<TOSTOP> flag has been set for the terminal (see "
4706 "B<termios>(3)), then only the foreground job may write to the terminal; "
4707 "writes from background job cause a B<SIGTTOU> signal to be generated, which "
4708 "suspends the job. When terminal keys that generate a signal (such as the "
4709 "I<interrupt> key, normally control-C) are pressed, the signal is sent to "
4710 "the processes in the foreground job."
4714 #: build/C/man7/credentials.7:167
4716 "Various system calls and library functions may operate on all members of a "
4717 "process group, including B<kill>(2), B<killpg>(2), B<getpriority>(2), "
4718 "B<setpriority>(2), B<ioprio_get>(2), B<ioprio_set>(2), B<waitid>(2), and "
4719 "B<waitpid>(2). See also the discussion of the B<F_GETOWN>, B<F_GETOWN_EX>, "
4720 "B<F_SETOWN>, and B<F_SETOWN_EX> operations in B<fcntl>(2)."
4724 #: build/C/man7/credentials.7:167
4726 msgid "User and group identifiers"
4730 #: build/C/man7/credentials.7:175
4732 "Each process has various associated user and groups IDs. These IDs are "
4733 "integers, respectively represented using the types I<uid_t> and I<gid_t> "
4734 "(defined in I<E<lt>sys/types.hE<gt>>)."
4738 #: build/C/man7/credentials.7:177
4739 msgid "On Linux, each process has the following user and group identifiers:"
4743 #: build/C/man7/credentials.7:183
4745 "Real user ID and real group ID. These IDs determine who owns the process. "
4746 "A process can obtain its real user (group) ID using B<getuid>(2) "
4751 #: build/C/man7/credentials.7:195
4753 "Effective user ID and effective group ID. These IDs are used by the kernel "
4754 "to determine the permissions that the process will have when accessing "
4755 "shared resources such as message queues, shared memory, and semaphores. On "
4756 "most UNIX systems, these IDs also determine the permissions when accessing "
4757 "files. However, Linux uses the filesystem IDs described below for this "
4758 "task. A process can obtain its effective user (group) ID using "
4759 "B<geteuid>(2) (B<getegid>(2))."
4763 #: build/C/man7/credentials.7:217
4765 "Saved set-user-ID and saved set-group-ID. These IDs are used in set-user-ID "
4766 "and set-group-ID programs to save a copy of the corresponding effective IDs "
4767 "that were set when the program was executed (see B<execve>(2)). A "
4768 "set-user-ID program can assume and drop privileges by switching its "
4769 "effective user ID back and forth between the values in its real user ID and "
4770 "saved set-user-ID. This switching is done via calls to B<seteuid>(2), "
4771 "B<setreuid>(2), or B<setresuid>(2). A set-group-ID program performs the "
4772 "analogous tasks using B<setegid>(2), B<setregid>(2), or B<setresgid>(2). A "
4773 "process can obtain its saved set-user-ID (set-group-ID) using "
4774 "B<getresuid>(2) (B<getresgid>(2))."
4778 #: build/C/man7/credentials.7:234
4780 "Filesystem user ID and filesystem group ID (Linux-specific). These IDs, in "
4781 "conjunction with the supplementary group IDs described below, are used to "
4782 "determine permissions for accessing files; see B<path_resolution>(7) for "
4783 "details. Whenever a process's effective user (group) ID is changed, the "
4784 "kernel also automatically changes the filesystem user (group) ID to the same "
4785 "value. Consequently, the filesystem IDs normally have the same values as "
4786 "the corresponding effective ID, and the semantics for file-permission checks "
4787 "are thus the same on Linux as on other UNIX systems. The filesystem IDs can "
4788 "be made to differ from the effective IDs by calling B<setfsuid>(2) and "
4792 #. Since kernel 2.6.4, the limit is visible via the read-only file
4793 #. /proc/sys/kernel/ngroups_max.
4794 #. As at 2.6.22-rc2, this file is still read-only.
4796 #: build/C/man7/credentials.7:253
4798 "Supplementary group IDs. This is a set of additional group IDs that are "
4799 "used for permission checks when accessing files and other shared resources. "
4800 "On Linux kernels before 2.6.4, a process can be a member of up to 32 "
4801 "supplementary groups; since kernel 2.6.4, a process can be a member of up to "
4802 "65536 supplementary groups. The call I<sysconf(_SC_NGROUPS_MAX)> can be "
4803 "used to determine the number of supplementary groups of which a process may "
4804 "be a member. A process can obtain its set of supplementary group IDs using "
4805 "B<getgroups>(2), and can modify the set using B<setgroups>(2)."
4809 #: build/C/man7/credentials.7:263
4811 "A child process created by B<fork>(2) inherits copies of its parent's user "
4812 "and groups IDs. During an B<execve>(2), a process's real user and group ID "
4813 "and supplementary group IDs are preserved; the effective and saved set IDs "
4814 "may be changed, as described in B<execve>(2)."
4818 #: build/C/man7/credentials.7:266
4820 "Aside from the purposes noted above, a process's user IDs are also employed "
4821 "in a number of other contexts:"
4825 #: build/C/man7/credentials.7:269
4826 msgid "when determining the permissions for sending signals\\(emsee B<kill>(2);"
4830 #: build/C/man7/credentials.7:280
4832 "when determining the permissions for setting process-scheduling parameters "
4833 "(nice value, real time scheduling policy and priority, CPU affinity, I/O "
4834 "priority) using B<setpriority>(2), B<sched_setaffinity>(2), "
4835 "B<sched_setscheduler>(2), B<sched_setparam>(2), B<sched_setattr>(2), and "
4840 #: build/C/man7/credentials.7:283
4841 msgid "when checking resource limits; see B<getrlimit>(2);"
4845 #: build/C/man7/credentials.7:287
4847 "when checking the limit on the number of inotify instances that the process "
4848 "may create; see B<inotify>(7)."
4852 #: build/C/man7/credentials.7:293
4854 "Process IDs, parent process IDs, process group IDs, and session IDs are "
4855 "specified in POSIX.1-2001. The real, effective, and saved set user and "
4856 "groups IDs, and the supplementary group IDs, are specified in POSIX.1-2001. "
4857 "The filesystem user and group IDs are a Linux extension."
4861 #: build/C/man7/credentials.7:304
4863 "The POSIX threads specification requires that credentials are shared by all "
4864 "of the threads in a process. However, at the kernel level, Linux maintains "
4865 "separate user and group credentials for each thread. The NPTL threading "
4866 "implementation does some work to ensure that any change to user or group "
4867 "credentials (e.g., calls to B<setuid>(2), B<setresuid>(2)) is carried "
4868 "through to all of the POSIX threads in a process."
4872 #: build/C/man7/credentials.7:336
4874 "B<bash>(1), B<csh>(1), B<ps>(1), B<access>(2), B<execve>(2), "
4875 "B<faccessat>(2), B<fork>(2), B<getpgrp>(2), B<getpid>(2), B<getppid>(2), "
4876 "B<getsid>(2), B<kill>(2), B<killpg>(2), B<setegid>(2), B<seteuid>(2), "
4877 "B<setfsgid>(2), B<setfsuid>(2), B<setgid>(2), B<setgroups>(2), "
4878 "B<setresgid>(2), B<setresuid>(2), B<setuid>(2), B<waitpid>(2), "
4879 "B<euidaccess>(3), B<initgroups>(3), B<tcgetpgrp>(3), B<tcsetpgrp>(3), "
4880 "B<capabilities>(7), B<path_resolution>(7), B<signal>(7), B<unix>(7)"
4884 #: build/C/man2/getgid.2:25
4890 #: build/C/man2/getgid.2:25 build/C/man2/getresuid.2:28 build/C/man2/getuid.2:26 build/C/man2/setgid.2:29 build/C/man2/setresuid.2:26 build/C/man2/setuid.2:30
4896 #: build/C/man2/getgid.2:28
4897 msgid "getgid, getegid - get group identity"
4901 #: build/C/man2/getgid.2:30 build/C/man2/getgroups.2:38 build/C/man2/getpid.2:32 build/C/man2/getresuid.2:35 build/C/man2/getsid.2:31 build/C/man2/getuid.2:31 build/C/man2/seteuid.2:36 build/C/man2/setgid.2:36 build/C/man2/setpgid.2:53 build/C/man2/setresuid.2:33 build/C/man2/setreuid.2:52 build/C/man2/setsid.2:36 build/C/man2/setuid.2:37
4902 msgid "B<#include E<lt>unistd.hE<gt>>"
4906 #: build/C/man2/getgid.2:32 build/C/man2/getgroups.2:36 build/C/man2/getpid.2:30 build/C/man2/getuid.2:33 build/C/man2/seteuid.2:34 build/C/man2/setgid.2:34 build/C/man2/setreuid.2:50 build/C/man2/setuid.2:35
4907 msgid "B<#include E<lt>sys/types.hE<gt>>"
4911 #: build/C/man2/getgid.2:34
4912 msgid "B<gid_t getgid(void);>"
4916 #: build/C/man2/getgid.2:36
4917 msgid "B<gid_t getegid(void);>"
4921 #: build/C/man2/getgid.2:39
4922 msgid "B<getgid>() returns the real group ID of the calling process."
4926 #: build/C/man2/getgid.2:42
4927 msgid "B<getegid>() returns the effective group ID of the calling process."
4931 #: build/C/man2/getgid.2:44 build/C/man2/getpid.2:46 build/C/man2/getuid.2:45
4932 msgid "These functions are always successful."
4936 #: build/C/man2/getgid.2:46 build/C/man2/getuid.2:47
4937 msgid "POSIX.1-2001, 4.3BSD."
4941 #: build/C/man2/getgid.2:62
4943 "The original Linux B<getgid>() and B<getegid>() system calls supported "
4944 "only 16-bit group IDs. Subsequently, Linux 2.4 added B<getgid32>() and "
4945 "B<getegid32>(), supporting 32-bit IDs. The glibc B<getgid>() and "
4946 "B<getegid>() wrapper functions transparently deal with the variations "
4947 "across kernel versions."
4951 #: build/C/man2/getgid.2:67
4952 msgid "B<getresgid>(2), B<setgid>(2), B<setregid>(2), B<credentials>(7)"
4956 #: build/C/man2/getgroups.2:31
4962 #: build/C/man2/getgroups.2:31
4968 #: build/C/man2/getgroups.2:34
4969 msgid "getgroups, setgroups - get/set list of supplementary group IDs"
4973 #: build/C/man2/getgroups.2:40
4974 msgid "B<int getgroups(int >I<size>B<, gid_t >I<list>B<[]);>"
4978 #: build/C/man2/getgroups.2:42
4979 msgid "B<#include E<lt>grp.hE<gt>>"
4983 #: build/C/man2/getgroups.2:44
4984 msgid "B<int setgroups(size_t >I<size>B<, const gid_t *>I<list>B<);>"
4988 #: build/C/man2/getgroups.2:52
4989 msgid "B<setgroups>(): _BSD_SOURCE"
4993 #: build/C/man2/getgroups.2:70
4995 "B<getgroups>() returns the supplementary group IDs of the calling process "
4996 "in I<list>. The argument I<size> should be set to the maximum number of "
4997 "items that can be stored in the buffer pointed to by I<list>. If the "
4998 "calling process is a member of more than I<size> supplementary groups, then "
4999 "an error results. It is unspecified whether the effective group ID of the "
5000 "calling process is included in the returned list. (Thus, an application "
5001 "should also call B<getegid>(2) and add or remove the resulting value.)"
5005 #: build/C/man2/getgroups.2:81
5007 "If I<size> is zero, I<list> is not modified, but the total number of "
5008 "supplementary group IDs for the process is returned. This allows the caller "
5009 "to determine the size of a dynamically allocated I<list> to be used in a "
5010 "further call to B<getgroups>()."
5014 #: build/C/man2/getgroups.2:92
5016 "B<setgroups>() sets the supplementary group IDs for the calling process. "
5017 "Appropriate privileges (Linux: the B<CAP_SETGID> capability) are required. "
5018 "The I<size> argument specifies the number of supplementary group IDs in the "
5019 "buffer pointed to by I<list>."
5023 #: build/C/man2/getgroups.2:99
5025 "On success, B<getgroups>() returns the number of supplementary group IDs. "
5026 "On error, -1 is returned, and I<errno> is set appropriately."
5030 #: build/C/man2/getgroups.2:106
5032 "On success, B<setgroups>() returns 0. On error, -1 is returned, and "
5033 "I<errno> is set appropriately."
5037 #: build/C/man2/getgroups.2:111
5038 msgid "I<list> has an invalid address."
5042 #: build/C/man2/getgroups.2:114
5043 msgid "B<getgroups>() can additionally fail with the following error:"
5047 #: build/C/man2/getgroups.2:118
5048 msgid "I<size> is less than the number of supplementary group IDs, but is not zero."
5052 #: build/C/man2/getgroups.2:121
5053 msgid "B<setgroups>() can additionally fail with the following errors:"
5057 #: build/C/man2/getgroups.2:127
5059 "I<size> is greater than B<NGROUPS_MAX> (32 before Linux 2.6.4; 65536 since "
5064 #: build/C/man2/getgroups.2:133
5065 msgid "The calling process has insufficient privilege."
5069 #: build/C/man2/getgroups.2:141
5071 "SVr4, 4.3BSD. The B<getgroups>() function is in POSIX.1-2001. Since "
5072 "B<setgroups>() requires privilege, it is not covered by POSIX.1-2001."
5076 #: build/C/man2/getgroups.2:153
5078 "A process can have up to B<NGROUPS_MAX> supplementary group IDs in addition "
5079 "to the effective group ID. The constant B<NGROUPS_MAX> is defined in "
5080 "I<E<lt>limits.hE<gt>>. The set of supplementary group IDs is inherited from "
5081 "the parent process, and preserved across an B<execve>(2)."
5085 #: build/C/man2/getgroups.2:156
5087 "The maximum number of supplementary group IDs can be found at run time using "
5092 #: build/C/man2/getgroups.2:160
5095 " long ngroups_max;\n"
5096 " ngroups_max = sysconf(_SC_NGROUPS_MAX);\n"
5100 #: build/C/man2/getgroups.2:168
5102 "The maximum return value of B<getgroups>() cannot be larger than one more "
5103 "than this value. Since Linux 2.6.4, the maximum number of supplementary "
5104 "group IDs is also exposed via the Linux-specific read-only file, "
5105 "I</proc/sys/kernel/ngroups_max>."
5109 #: build/C/man2/getgroups.2:178
5111 "The original Linux B<getgroups>() system call supported only 16-bit group "
5112 "IDs. Subsequently, Linux 2.4 added B<getgroups32>(), supporting 32-bit "
5113 "IDs. The glibc B<getgroups>() wrapper function transparently deals with "
5114 "the variation across kernel versions."
5118 #: build/C/man2/getgroups.2:185
5120 "B<getgid>(2), B<setgid>(2), B<getgrouplist>(3), B<initgroups>(3), "
5121 "B<capabilities>(7), B<credentials>(7)"
5125 #: build/C/man2/getpid.2:25
5131 #: build/C/man2/getpid.2:25
5137 #: build/C/man2/getpid.2:28
5138 msgid "getpid, getppid - get process identification"
5142 #: build/C/man2/getpid.2:34
5143 msgid "B<pid_t getpid(void);>"
5147 #: build/C/man2/getpid.2:36
5148 msgid "B<pid_t getppid(void);>"
5152 #: build/C/man2/getpid.2:41
5154 "B<getpid>() returns the process ID of the calling process. (This is often "
5155 "used by routines that generate unique temporary filenames.)"
5159 #: build/C/man2/getpid.2:44
5160 msgid "B<getppid>() returns the process ID of the parent of the calling process."
5164 #: build/C/man2/getpid.2:48
5165 msgid "POSIX.1-2001, 4.3BSD, SVr4."
5168 #. The following program demonstrates this "feature":
5170 #. #define _GNU_SOURCE
5171 #. #include <sys/syscall.h>
5172 #. #include <sys/wait.h>
5173 #. #include <stdio.h>
5174 #. #include <stdlib.h>
5175 #. #include <unistd.h>
5178 #. main(int argc, char *argv[])
5180 #. /* The following statement fills the getpid() cache */
5182 #. printf("parent PID = %ld
5183 #. ", (long) getpid());
5185 #. if (syscall(SYS_fork) == 0) {
5186 #. if (getpid() != syscall(SYS_getpid))
5187 #. printf("child getpid() mismatch: getpid()=%ld; "
5188 #. "syscall(SYS_getpid)=%ld
5190 #. (long) getpid(), (long) syscall(SYS_getpid));
5191 #. exit(EXIT_SUCCESS);
5196 #: build/C/man2/getpid.2:100
5198 "Since glibc version 2.3.4, the glibc wrapper function for B<getpid>() "
5199 "caches PIDs, so as to avoid additional system calls when a process calls "
5200 "B<getpid>() repeatedly. Normally this caching is invisible, but its "
5201 "correct operation relies on support in the wrapper functions for B<fork>(2), "
5202 "B<vfork>(2), and B<clone>(2): if an application bypasses the glibc wrappers "
5203 "for these system calls by using B<syscall>(2), then a call to B<getpid>() "
5204 "in the child will return the wrong value (to be precise: it will return the "
5205 "PID of the parent process). See also B<clone>(2) for discussion of a case "
5206 "where B<getpid>() may return the wrong value even when invoking B<clone>(2) "
5207 "via the glibc wrapper function."
5211 #: build/C/man2/getpid.2:110
5213 "B<clone>(2), B<fork>(2), B<kill>(2), B<exec>(3), B<mkstemp>(3), "
5214 "B<tempnam>(3), B<tmpfile>(3), B<tmpnam>(3), B<credentials>(7)"
5218 #: build/C/man2/getpriority.2:48
5224 #: build/C/man2/getpriority.2:48 build/C/man2/getrusage.2:39
5230 #: build/C/man2/getpriority.2:51
5231 msgid "getpriority, setpriority - get/set program scheduling priority"
5235 #: build/C/man2/getpriority.2:53 build/C/man2/getrlimit.2:69 build/C/man2/getrusage.2:44
5236 msgid "B<#include E<lt>sys/time.hE<gt>>"
5240 #: build/C/man2/getpriority.2:55 build/C/man2/getrlimit.2:71 build/C/man2/getrusage.2:46
5241 msgid "B<#include E<lt>sys/resource.hE<gt>>"
5245 #: build/C/man2/getpriority.2:57
5246 msgid "B<int getpriority(int >I<which>B<, id_t >I<who>B<);>"
5250 #: build/C/man2/getpriority.2:59
5251 msgid "B<int setpriority(int >I<which>B<, id_t >I<who>B<, int >I<prio>B<);>"
5255 #: build/C/man2/getpriority.2:70
5257 "The scheduling priority of the process, process group, or user, as indicated "
5258 "by I<which> and I<who> is obtained with the B<getpriority>() call and set "
5259 "with the B<setpriority>() call."
5263 #: build/C/man2/getpriority.2:97
5265 "The value I<which> is one of B<PRIO_PROCESS>, B<PRIO_PGRP>, or B<PRIO_USER>, "
5266 "and I<who> is interpreted relative to I<which> (a process identifier for "
5267 "B<PRIO_PROCESS>, process group identifier for B<PRIO_PGRP>, and a user ID "
5268 "for B<PRIO_USER>). A zero value for I<who> denotes (respectively) the "
5269 "calling process, the process group of the calling process, or the real user "
5270 "ID of the calling process. I<Prio> is a value in the range -20 to 19 (but "
5271 "see the Notes below). The default priority is 0; lower priorities cause "
5272 "more favorable scheduling."
5276 #: build/C/man2/getpriority.2:107
5278 "The B<getpriority>() call returns the highest priority (lowest numerical "
5279 "value) enjoyed by any of the specified processes. The B<setpriority>() "
5280 "call sets the priorities of all of the specified processes to the specified "
5281 "value. Only the superuser may lower priorities."
5285 #: build/C/man2/getpriority.2:120
5287 "Since B<getpriority>() can legitimately return the value -1, it is "
5288 "necessary to clear the external variable I<errno> prior to the call, then "
5289 "check it afterward to determine if -1 is an error or a legitimate value. "
5290 "The B<setpriority>() call returns 0 if there is no error, or -1 if there "
5295 #: build/C/man2/getpriority.2:129
5296 msgid "I<which> was not one of B<PRIO_PROCESS>, B<PRIO_PGRP>, or B<PRIO_USER>."
5300 #: build/C/man2/getpriority.2:136
5301 msgid "No process was located using the I<which> and I<who> values specified."
5305 #: build/C/man2/getpriority.2:140
5306 msgid "In addition to the errors indicated above, B<setpriority>() may fail if:"
5310 #: build/C/man2/getpriority.2:152
5312 "The caller attempted to lower a process priority, but did not have the "
5313 "required privilege (on Linux: did not have the B<CAP_SYS_NICE> capability). "
5314 "Since Linux 2.6.12, this error occurs only if the caller attempts to set a "
5315 "process priority outside the range of the B<RLIMIT_NICE> soft resource limit "
5316 "of the target process; see B<getrlimit>(2) for details."
5320 #: build/C/man2/getpriority.2:160
5322 "A process was located, but its effective user ID did not match either the "
5323 "effective or the real user ID of the caller, and was not privileged (on "
5324 "Linux: did not have the B<CAP_SYS_NICE> capability). But see NOTES below."
5328 #: build/C/man2/getpriority.2:163
5329 msgid "SVr4, 4.4BSD (these function calls first appeared in 4.2BSD), POSIX.1-2001."
5333 #: build/C/man2/getpriority.2:169
5335 "A child created by B<fork>(2) inherits its parent's nice value. The nice "
5336 "value is preserved across B<execve>(2)."
5340 #: build/C/man2/getpriority.2:180
5342 "The degree to which their relative nice value affects the scheduling of "
5343 "processes varies across UNIX systems, and, on Linux, across kernel "
5344 "versions. Starting with kernel 2.6.23, Linux adopted an algorithm that "
5345 "causes relative differences in nice values to have a much stronger effect. "
5346 "This causes very low nice values (+19) to truly provide little CPU to a "
5347 "process whenever there is any other higher priority load on the system, and "
5348 "makes high nice values (-20) deliver most of the CPU to applications that "
5349 "require it (e.g., some audio applications)."
5353 #: build/C/man2/getpriority.2:195
5355 "The details on the condition for B<EPERM> depend on the system. The above "
5356 "description is what POSIX.1-2001 says, and seems to be followed on all "
5357 "System\\ V-like systems. Linux kernels before 2.6.12 required the real or "
5358 "effective user ID of the caller to match the real user of the process I<who> "
5359 "(instead of its effective user ID). Linux 2.6.12 and later require the "
5360 "effective user ID of the caller to match the real or effective user ID of "
5361 "the process I<who>. All BSD-like systems (SunOS 4.1.3, Ultrix 4.2, 4.3BSD, "
5362 "FreeBSD 4.3, OpenBSD-2.5, ...) behave in the same manner as Linux 2.6.12 and "
5367 #: build/C/man2/getpriority.2:211
5369 "The actual priority range varies between kernel versions. Linux before "
5370 "1.3.36 had -infinity..15. Since kernel 1.3.43, Linux has the range "
5371 "-20..19. Within the kernel, nice values are actually represented using the "
5372 "corresponding range 40..1 (since negative numbers are error codes) and these "
5373 "are the values employed by the B<setpriority>() and B<getpriority>() "
5374 "system calls. The glibc wrapper functions for these system calls handle the "
5375 "translations between the user-land and kernel representations of the nice "
5376 "value according to the formula I<unice\\ =\\ 20\\ -\\ knice>."
5380 #: build/C/man2/getpriority.2:213
5381 msgid "On some systems, the range of nice values is -20..20."
5385 #: build/C/man2/getpriority.2:225
5387 "Including I<E<lt>sys/time.hE<gt>> is not required these days, but increases "
5388 "portability. (Indeed, I<E<lt>sys/resource.hE<gt>> defines the I<rusage> "
5389 "structure with fields of type I<struct timeval> defined in "
5390 "I<E<lt>sys/time.hE<gt>>.)"
5394 #: build/C/man2/getpriority.2:232
5396 "According to POSIX, the nice value is a per-process setting. However, under "
5397 "the current Linux/NPTL implementation of POSIX threads, the nice value is a "
5398 "per-thread attribute: different threads in the same process can have "
5399 "different nice values. Portable applications should avoid relying on the "
5400 "Linux behavior, which may be made standards conformant in the future."
5404 #: build/C/man2/getpriority.2:238
5405 msgid "B<nice>(1), B<renice>(1), B<fork>(2), B<capabilities>(7), B<sched>(7)"
5409 #: build/C/man2/getpriority.2:241
5411 "I<Documentation/scheduler/sched-nice-design.txt> in the Linux kernel source "
5412 "tree (since Linux 2.6.23)"
5416 #: build/C/man2/getresuid.2:28
5422 #: build/C/man2/getresuid.2:31
5423 msgid "getresuid, getresgid - get real, effective and saved user/group IDs"
5427 #: build/C/man2/getresuid.2:33 build/C/man2/setresuid.2:31
5428 msgid "B<#define _GNU_SOURCE> /* See feature_test_macros(7) */"
5432 #: build/C/man2/getresuid.2:37
5433 msgid "B<int getresuid(uid_t *>I<ruid>B<, uid_t *>I<euid>B<, uid_t *>I<suid>B<);>"
5437 #: build/C/man2/getresuid.2:39
5438 msgid "B<int getresgid(gid_t *>I<rgid>B<, gid_t *>I<egid>B<, gid_t *>I<sgid>B<);>"
5442 #: build/C/man2/getresuid.2:50
5444 "B<getresuid>() returns the real UID, the effective UID, and the saved "
5445 "set-user-ID of the calling process, in the arguments I<ruid>, I<euid>, and "
5446 "I<suid>, respectively. B<getresgid>() performs the analogous task for the "
5447 "process's group IDs."
5451 #: build/C/man2/getresuid.2:60
5453 "One of the arguments specified an address outside the calling program's "
5458 #: build/C/man2/getresuid.2:62
5459 msgid "These system calls appeared on Linux starting with kernel 2.1.44."
5463 #: build/C/man2/getresuid.2:67
5465 "The prototypes are given by glibc since version 2.3.2, provided "
5466 "B<_GNU_SOURCE> is defined."
5470 #: build/C/man2/getresuid.2:70 build/C/man2/setresuid.2:86
5471 msgid "These calls are nonstandard; they also appear on HP-UX and some of the BSDs."
5475 #: build/C/man2/getresuid.2:86
5477 "The original Linux B<getresuid>() and B<getresgid>() system calls "
5478 "supported only 16-bit user and group IDs. Subsequently, Linux 2.4 added "
5479 "B<getresuid32>() and B<getresgid32>(), supporting 32-bit IDs. The glibc "
5480 "B<getresuid>() and B<getresgid>() wrapper functions transparently deal "
5481 "with the variations across kernel versions."
5485 #: build/C/man2/getresuid.2:92
5487 "B<getuid>(2), B<setresuid>(2), B<setreuid>(2), B<setuid>(2), "
5492 #: build/C/man2/getrlimit.2:64
5498 #: build/C/man2/getrlimit.2:64
5504 #: build/C/man2/getrlimit.2:67
5505 msgid "getrlimit, setrlimit, prlimit - get/set resource limits"
5509 #: build/C/man2/getrlimit.2:73
5510 msgid "B<int getrlimit(int >I<resource>B<, struct rlimit *>I<rlim>B<);>"
5514 #: build/C/man2/getrlimit.2:75
5515 msgid "B<int setrlimit(int >I<resource>B<, const struct rlimit *>I<rlim>B<);>"
5519 #: build/C/man2/getrlimit.2:78
5521 "B<int prlimit(pid_t >I<pid>B<, int >I<resource>B<, const struct rlimit "
5522 "*>I<new_limit>B<,>"
5526 #: build/C/man2/getrlimit.2:80
5527 msgid "B< struct rlimit *>I<old_limit>B<);>"
5531 #: build/C/man2/getrlimit.2:88
5532 msgid "B<prlimit>(): _GNU_SOURCE && _FILE_OFFSET_BITS == 64"
5536 #: build/C/man2/getrlimit.2:97
5538 "The B<getrlimit>() and B<setrlimit>() system calls get and set resource "
5539 "limits respectively. Each resource has an associated soft and hard limit, "
5540 "as defined by the I<rlimit> structure:"
5544 #: build/C/man2/getrlimit.2:104
5548 " rlim_t rlim_cur; /* Soft limit */\n"
5549 " rlim_t rlim_max; /* Hard limit (ceiling for rlim_cur) */\n"
5554 #: build/C/man2/getrlimit.2:115
5556 "The soft limit is the value that the kernel enforces for the corresponding "
5557 "resource. The hard limit acts as a ceiling for the soft limit: an "
5558 "unprivileged process may set only its soft limit to a value in the range "
5559 "from 0 up to the hard limit, and (irreversibly) lower its hard limit. A "
5560 "privileged process (under Linux: one with the B<CAP_SYS_RESOURCE> "
5561 "capability) may make arbitrary changes to either limit value."
5565 #: build/C/man2/getrlimit.2:122
5567 "The value B<RLIM_INFINITY> denotes no limit on a resource (both in the "
5568 "structure returned by B<getrlimit>() and in the structure passed to "
5573 #: build/C/man2/getrlimit.2:126
5574 msgid "The I<resource> argument must be one of:"
5578 #: build/C/man2/getrlimit.2:126
5580 msgid "B<RLIMIT_AS>"
5583 #. since 2.0.27 / 2.1.12
5585 #: build/C/man2/getrlimit.2:146
5587 "The maximum size of the process's virtual memory (address space) in bytes. "
5588 "This limit affects calls to B<brk>(2), B<mmap>(2) and B<mremap>(2), which "
5589 "fail with the error B<ENOMEM> upon exceeding this limit. Also automatic "
5590 "stack expansion will fail (and generate a B<SIGSEGV> that kills the process "
5591 "if no alternate stack has been made available via B<sigaltstack>(2)). Since "
5592 "the value is a I<long>, on machines with a 32-bit I<long> either this limit "
5593 "is at most 2 GiB, or this resource is unlimited."
5597 #: build/C/man2/getrlimit.2:146
5599 msgid "B<RLIMIT_CORE>"
5603 #: build/C/man2/getrlimit.2:153
5605 "Maximum size of I<core> file. When 0 no core dump files are created. When "
5606 "nonzero, larger dumps are truncated to this size."
5610 #: build/C/man2/getrlimit.2:153
5612 msgid "B<RLIMIT_CPU>"
5616 #: build/C/man2/getrlimit.2:173
5618 "CPU time limit in seconds. When the process reaches the soft limit, it is "
5619 "sent a B<SIGXCPU> signal. The default action for this signal is to "
5620 "terminate the process. However, the signal can be caught, and the handler "
5621 "can return control to the main program. If the process continues to consume "
5622 "CPU time, it will be sent B<SIGXCPU> once per second until the hard limit is "
5623 "reached, at which time it is sent B<SIGKILL>. (This latter point describes "
5624 "Linux behavior. Implementations vary in how they treat processes which "
5625 "continue to consume CPU time after reaching the soft limit. Portable "
5626 "applications that need to catch this signal should perform an orderly "
5627 "termination upon first receipt of B<SIGXCPU>.)"
5631 #: build/C/man2/getrlimit.2:173
5633 msgid "B<RLIMIT_DATA>"
5637 #: build/C/man2/getrlimit.2:184
5639 "The maximum size of the process's data segment (initialized data, "
5640 "uninitialized data, and heap). This limit affects calls to B<brk>(2) and "
5641 "B<sbrk>(2), which fail with the error B<ENOMEM> upon encountering the soft "
5642 "limit of this resource."
5646 #: build/C/man2/getrlimit.2:184
5648 msgid "B<RLIMIT_FSIZE>"
5652 #: build/C/man2/getrlimit.2:196
5654 "The maximum size of files that the process may create. Attempts to extend a "
5655 "file beyond this limit result in delivery of a B<SIGXFSZ> signal. By "
5656 "default, this signal terminates a process, but a process can catch this "
5657 "signal instead, in which case the relevant system call (e.g., B<write>(2), "
5658 "B<truncate>(2)) fails with the error B<EFBIG>."
5662 #: build/C/man2/getrlimit.2:196
5664 msgid "B<RLIMIT_LOCKS> (Early Linux 2.4 only)"
5667 #. to be precise: Linux 2.4.0-test9; no longer in 2.4.25 / 2.5.65
5669 #: build/C/man2/getrlimit.2:204
5671 "A limit on the combined number of B<flock>(2) locks and B<fcntl>(2) leases "
5672 "that this process may establish."
5676 #: build/C/man2/getrlimit.2:204
5678 msgid "B<RLIMIT_MEMLOCK>"
5682 #: build/C/man2/getrlimit.2:242
5684 "The maximum number of bytes of memory that may be locked into RAM. In "
5685 "effect this limit is rounded down to the nearest multiple of the system page "
5686 "size. This limit affects B<mlock>(2) and B<mlockall>(2) and the "
5687 "B<mmap>(2) B<MAP_LOCKED> operation. Since Linux 2.6.9 it also affects the "
5688 "B<shmctl>(2) B<SHM_LOCK> operation, where it sets a maximum on the total "
5689 "bytes in shared memory segments (see B<shmget>(2)) that may be locked by "
5690 "the real user ID of the calling process. The B<shmctl>(2) B<SHM_LOCK> "
5691 "locks are accounted for separately from the per-process memory locks "
5692 "established by B<mlock>(2), B<mlockall>(2), and B<mmap>(2) B<MAP_LOCKED>; a "
5693 "process can lock bytes up to this limit in each of these two categories. In "
5694 "Linux kernels before 2.6.9, this limit controlled the amount of memory that "
5695 "could be locked by a privileged process. Since Linux 2.6.9, no limits are "
5696 "placed on the amount of memory that a privileged process may lock, and this "
5697 "limit instead governs the amount of memory that an unprivileged process may "
5702 #: build/C/man2/getrlimit.2:242
5704 msgid "B<RLIMIT_MSGQUEUE> (since Linux 2.6.8)"
5708 #: build/C/man2/getrlimit.2:250
5710 "Specifies the limit on the number of bytes that can be allocated for POSIX "
5711 "message queues for the real user ID of the calling process. This limit is "
5712 "enforced for B<mq_open>(3). Each message queue that the user creates counts "
5713 "(until it is removed) against this limit according to the formula:"
5717 #: build/C/man2/getrlimit.2:254
5720 " bytes = attr.mq_maxmsg * sizeof(struct msg_msg *) +\n"
5721 " attr.mq_maxmsg * attr.mq_msgsize\n"
5725 #: build/C/man2/getrlimit.2:262
5727 "where I<attr> is the I<mq_attr> structure specified as the fourth argument "
5732 #: build/C/man2/getrlimit.2:268
5734 "The first addend in the formula, which includes I<sizeof(struct msg_msg\\ "
5735 "*)> (4 bytes on Linux/i386), ensures that the user cannot create an "
5736 "unlimited number of zero-length messages (such messages nevertheless each "
5737 "consume some system memory for bookkeeping overhead)."
5741 #: build/C/man2/getrlimit.2:268
5743 msgid "B<RLIMIT_NICE> (since Linux 2.6.12, but see BUGS below)"
5747 #: build/C/man2/getrlimit.2:281
5749 "Specifies a ceiling to which the process's nice value can be raised using "
5750 "B<setpriority>(2) or B<nice>(2). The actual ceiling for the nice value is "
5751 "calculated as I<20\\ -\\ rlim_cur>. (This strangeness occurs because "
5752 "negative numbers cannot be specified as resource limit values, since they "
5753 "typically have special meanings. For example, B<RLIM_INFINITY> typically is "
5758 #: build/C/man2/getrlimit.2:281
5760 msgid "B<RLIMIT_NOFILE>"
5764 #: build/C/man2/getrlimit.2:295
5766 "Specifies a value one greater than the maximum file descriptor number that "
5767 "can be opened by this process. Attempts (B<open>(2), B<pipe>(2), B<dup>(2), "
5768 "etc.) to exceed this limit yield the error B<EMFILE>. (Historically, this "
5769 "limit was named B<RLIMIT_OFILE> on BSD.)"
5773 #: build/C/man2/getrlimit.2:295
5775 msgid "B<RLIMIT_NPROC>"
5779 #: build/C/man2/getrlimit.2:308
5781 "The maximum number of processes (or, more precisely on Linux, threads) that "
5782 "can be created for the real user ID of the calling process. Upon "
5783 "encountering this limit, B<fork>(2) fails with the error B<EAGAIN>. This "
5784 "limit is not enforced for processes that have either the B<CAP_SYS_ADMIN> or "
5785 "the B<CAP_SYS_RESOURCE> capability."
5789 #: build/C/man2/getrlimit.2:308
5791 msgid "B<RLIMIT_RSS>"
5794 #. As at kernel 2.6.12, this limit still does nothing in 2.6 though
5795 #. talk of making it do something has surfaced from time to time in LKML
5798 #: build/C/man2/getrlimit.2:320
5800 "Specifies the limit (in pages) of the process's resident set (the number of "
5801 "virtual pages resident in RAM). This limit has effect only in Linux 2.4.x, "
5802 "x E<lt> 30, and there affects only calls to B<madvise>(2) specifying "
5807 #: build/C/man2/getrlimit.2:320
5809 msgid "B<RLIMIT_RTPRIO> (since Linux 2.6.12, but see BUGS)"
5813 #: build/C/man2/getrlimit.2:327
5815 "Specifies a ceiling on the real-time priority that may be set for this "
5816 "process using B<sched_setscheduler>(2) and B<sched_setparam>(2)."
5820 #: build/C/man2/getrlimit.2:327
5822 msgid "B<RLIMIT_RTTIME> (since Linux 2.6.25)"
5826 #: build/C/man2/getrlimit.2:339
5828 "Specifies a limit (in microseconds) on the amount of CPU time that a "
5829 "process scheduled under a real-time scheduling policy may consume without "
5830 "making a blocking system call. For the purpose of this limit, each time a "
5831 "process makes a blocking system call, the count of its consumed CPU time is "
5832 "reset to zero. The CPU time count is not reset if the process continues "
5833 "trying to use the CPU but is preempted, its time slice expires, or it calls "
5834 "B<sched_yield>(2)."
5838 #: build/C/man2/getrlimit.2:350
5840 "Upon reaching the soft limit, the process is sent a B<SIGXCPU> signal. If "
5841 "the process catches or ignores this signal and continues consuming CPU time, "
5842 "then B<SIGXCPU> will be generated once each second until the hard limit is "
5843 "reached, at which point the process is sent a B<SIGKILL> signal."
5847 #: build/C/man2/getrlimit.2:353
5849 "The intended use of this limit is to stop a runaway real-time process from "
5850 "locking up the system."
5854 #: build/C/man2/getrlimit.2:353
5856 msgid "B<RLIMIT_SIGPENDING> (since Linux 2.6.8)"
5859 #. This replaces the /proc/sys/kernel/rtsig-max system-wide limit
5860 #. that was present in kernels <= 2.6.7. MTK Dec 04
5862 #: build/C/man2/getrlimit.2:367
5864 "Specifies the limit on the number of signals that may be queued for the real "
5865 "user ID of the calling process. Both standard and real-time signals are "
5866 "counted for the purpose of checking this limit. However, the limit is "
5867 "enforced only for B<sigqueue>(3); it is always possible to use B<kill>(2) "
5868 "to queue one instance of any of the signals that are not already queued to "
5873 #: build/C/man2/getrlimit.2:367
5875 msgid "B<RLIMIT_STACK>"
5879 #: build/C/man2/getrlimit.2:375
5881 "The maximum size of the process stack, in bytes. Upon reaching this limit, "
5882 "a B<SIGSEGV> signal is generated. To handle this signal, a process must "
5883 "employ an alternate signal stack (B<sigaltstack>(2))."
5887 #: build/C/man2/getrlimit.2:380
5889 "Since Linux 2.6.23, this limit also determines the amount of space used for "
5890 "the process's command-line arguments and environment variables; for details, "
5895 #: build/C/man2/getrlimit.2:380
5900 #. commit c022a0acad534fd5f5d5f17280f6d4d135e74e81
5901 #. Author: Jiri Slaby <jslaby@suse.cz>
5902 #. Date: Tue May 4 18:03:50 2010 +0200
5904 #: build/C/man2/getrlimit.2:391
5906 "The Linux-specific B<prlimit>() system call combines and extends the "
5907 "functionality of B<setrlimit>() and B<getrlimit>(). It can be used to both "
5908 "set and get the resource limits of an arbitrary process."
5912 #: build/C/man2/getrlimit.2:398
5914 "The I<resource> argument has the same meaning as for B<setrlimit>() and "
5919 #: build/C/man2/getrlimit.2:416
5921 "If the I<new_limit> argument is a not NULL, then the I<rlimit> structure to "
5922 "which it points is used to set new values for the soft and hard limits for "
5923 "I<resource>. If the I<old_limit> argument is a not NULL, then a successful "
5924 "call to B<prlimit>() places the previous soft and hard limits for "
5925 "I<resource> in the I<rlimit> structure pointed to by I<old_limit>."
5928 #. FIXME this permission check is strange
5929 #. Asked about this on LKML, 7 Nov 2010
5930 #. "Inconsistent credential checking in prlimit() syscall"
5932 #: build/C/man2/getrlimit.2:435
5934 "The I<pid> argument specifies the ID of the process on which the call is to "
5935 "operate. If I<pid> is 0, then the call applies to the calling process. To "
5936 "set or get the resources of a process other than itself, the caller must "
5937 "have the B<CAP_SYS_RESOURCE> capability, or the real, effective, and saved "
5938 "set user IDs of the target process must match the real user ID of the caller "
5939 "I<and> the real, effective, and saved set group IDs of the target process "
5940 "must match the real group ID of the caller."
5944 #: build/C/man2/getrlimit.2:440
5946 "On success, these system calls return 0. On error, -1 is returned, and "
5947 "I<errno> is set appropriately."
5951 #: build/C/man2/getrlimit.2:445
5953 "A pointer argument points to a location outside the accessible address "
5958 #: build/C/man2/getrlimit.2:457
5960 "The value specified in I<resource> is not valid; or, for B<setrlimit>() or "
5961 "B<prlimit>(): I<rlim-E<gt>rlim_cur> was greater than I<rlim-E<gt>rlim_max>."
5965 #: build/C/man2/getrlimit.2:469
5967 "An unprivileged process tried to raise the hard limit; the "
5968 "B<CAP_SYS_RESOURCE> capability is required to do this. Or, the caller tried "
5969 "to increase the hard B<RLIMIT_NOFILE> limit above the current kernel maximum "
5970 "(B<NR_OPEN>). Or, the calling process did not have permission to set limits "
5971 "for the process specified by I<pid>."
5975 #: build/C/man2/getrlimit.2:473
5976 msgid "Could not find a process with the ID specified in I<pid>."
5980 #: build/C/man2/getrlimit.2:478
5982 "The B<prlimit>() system call is available since Linux 2.6.36. Library "
5983 "support is available since glibc 2.13."
5987 #: build/C/man2/getrlimit.2:482
5988 msgid "B<getrlimit>(), B<setrlimit>(): SVr4, 4.3BSD, POSIX.1-2001."
5992 #: build/C/man2/getrlimit.2:485
5993 msgid "B<prlimit>(): Linux-specific."
5997 #: build/C/man2/getrlimit.2:501
5999 "B<RLIMIT_MEMLOCK> and B<RLIMIT_NPROC> derive from BSD and are not specified "
6000 "in POSIX.1-2001; they are present on the BSDs and Linux, but on few other "
6001 "implementations. B<RLIMIT_RSS> derives from BSD and is not specified in "
6002 "POSIX.1-2001; it is nevertheless present on most implementations. "
6003 "B<RLIMIT_MSGQUEUE>, B<RLIMIT_NICE>, B<RLIMIT_RTPRIO>, B<RLIMIT_RTTIME>, and "
6004 "B<RLIMIT_SIGPENDING> are Linux-specific."
6008 #: build/C/man2/getrlimit.2:507
6010 "A child process created via B<fork>(2) inherits its parent's resource "
6011 "limits. Resource limits are preserved across B<execve>(2)."
6015 #: build/C/man2/getrlimit.2:512
6017 "Lowering the soft limit for a resource below the process's current "
6018 "consumption of that resource will succeed (but will prevent the process from "
6019 "further increasing its consumption of the resource)."
6023 #: build/C/man2/getrlimit.2:521
6025 "One can set the resource limits of the shell using the built-in I<ulimit> "
6026 "command (I<limit> in B<csh>(1)). The shell's resource limits are inherited "
6027 "by the processes that it creates to execute commands."
6031 #: build/C/man2/getrlimit.2:526
6033 "Since Linux 2.6.24, the resource limits of any process can be inspected via "
6034 "I</proc/[pid]/limits>; see B<proc>(5)."
6038 #: build/C/man2/getrlimit.2:535
6040 "Ancient systems provided a B<vlimit>() function with a similar purpose to "
6041 "B<setrlimit>(). For backward compatibility, glibc also provides "
6042 "B<vlimit>(). All new applications should be written using B<setrlimit>()."
6045 #. FIXME prlimit() does not suffer
6046 #. https://bugzilla.kernel.org/show_bug.cgi?id=5042
6047 #. http://sources.redhat.com/bugzilla/show_bug.cgi?id=12201
6048 #. Since versions 2.13, glibc has library implementations of
6049 #. getrlimit() and setrlimit() that use prlimit() to work around
6052 #: build/C/man2/getrlimit.2:550
6054 "In older Linux kernels, the B<SIGXCPU> and B<SIGKILL> signals delivered when "
6055 "a process encountered the soft and hard B<RLIMIT_CPU> limits were delivered "
6056 "one (CPU) second later than they should have been. This was fixed in kernel "
6060 #. see http://marc.theaimsgroup.com/?l=linux-kernel&m=114008066530167&w=2
6062 #: build/C/man2/getrlimit.2:558
6064 "In 2.6.x kernels before 2.6.17, a B<RLIMIT_CPU> limit of 0 is wrongly "
6065 "treated as \"no limit\" (like B<RLIM_INFINITY>). Since Linux 2.6.17, "
6066 "setting a limit of 0 does have an effect, but is actually treated as a limit "
6070 #. See https://lwn.net/Articles/145008/
6072 #: build/C/man2/getrlimit.2:563
6074 "A kernel bug means that B<RLIMIT_RTPRIO> does not work in kernel 2.6.12; the "
6075 "problem is fixed in kernel 2.6.13."
6078 #. see http://marc.theaimsgroup.com/?l=linux-kernel&m=112256338703880&w=2
6080 #: build/C/man2/getrlimit.2:574
6082 "In kernel 2.6.12, there was an off-by-one mismatch between the priority "
6083 "ranges returned by B<getpriority>(2) and B<RLIMIT_NICE>. This had the "
6084 "effect that the actual ceiling for the nice value was calculated as I<19\\ "
6085 "-\\ rlim_cur>. This was fixed in kernel 2.6.13."
6088 #. The relevant patch, sent to LKML, seems to be
6089 #. http://thread.gmane.org/gmane.linux.kernel/273462
6090 #. From: Roland McGrath <roland <at> redhat.com>
6091 #. Subject: [PATCH 7/7] make RLIMIT_CPU/SIGXCPU per-process
6092 #. Date: 2005-01-23 23:27:46 GMT
6093 #. Tested Solaris 10, FreeBSD 9, OpenBSD 5.0
6094 #. FIXME https://bugzilla.kernel.org/show_bug.cgi?id=50951
6096 #: build/C/man2/getrlimit.2:601
6098 "Since Linux 2.6.12, if a process reaches its soft B<RLIMIT_CPU> limit and "
6099 "has a handler installed for B<SIGXCPU>, then, in addition to invoking the "
6100 "signal handler, the kernel increases the soft limit by one second. This "
6101 "behavior repeats if the process continues to consume CPU time, until the "
6102 "hard limit is reached, at which point the process is killed. Other "
6103 "implementations do not change the B<RLIMIT_CPU> soft limit in this manner, "
6104 "and the Linux behavior is probably not standards conformant; portable "
6105 "applications should avoid relying on this Linux-specific behavior. The "
6106 "Linux-specific B<RLIMIT_RTTIME> limit exhibits the same behavior when the "
6107 "soft limit is encountered."
6111 #: build/C/man2/getrlimit.2:610
6113 "Kernels before 2.4.22 did not diagnose the error B<EINVAL> for "
6114 "B<setrlimit>() when I<rlim-E<gt>rlim_cur> was greater than "
6115 "I<rlim-E<gt>rlim_max>."
6119 #: build/C/man2/getrlimit.2:613
6120 msgid "The program below demonstrates the use of B<prlimit>()."
6124 #: build/C/man2/getrlimit.2:622
6127 "#define _GNU_SOURCE\n"
6128 "#define _FILE_OFFSET_BITS 64\n"
6129 "#include E<lt>stdio.hE<gt>\n"
6130 "#include E<lt>time.hE<gt>\n"
6131 "#include E<lt>stdlib.hE<gt>\n"
6132 "#include E<lt>unistd.hE<gt>\n"
6133 "#include E<lt>sys/resource.hE<gt>\n"
6137 #: build/C/man2/getrlimit.2:625
6140 "#define errExit(msg) \tdo { perror(msg); exit(EXIT_FAILURE); \\e\n"
6145 #: build/C/man2/getrlimit.2:632
6149 "main(int argc, char *argv[])\n"
6151 " struct rlimit old, new;\n"
6152 " struct rlimit *newp;\n"
6157 #: build/C/man2/getrlimit.2:638
6160 " if (!(argc == 2 || argc == 4)) {\n"
6161 " fprintf(stderr, \"Usage: %s E<lt>pidE<gt> [E<lt>new-soft-limitE<gt> "
6163 " \"E<lt>new-hard-limitE<gt>]\\en\", argv[0]);\n"
6164 " exit(EXIT_FAILURE);\n"
6169 #: build/C/man2/getrlimit.2:640
6171 msgid " pid = atoi(argv[1]); /* PID of target process */\n"
6175 #: build/C/man2/getrlimit.2:647
6179 " if (argc == 4) {\n"
6180 " new.rlim_cur = atoi(argv[2]);\n"
6181 " new.rlim_max = atoi(argv[3]);\n"
6187 #: build/C/man2/getrlimit.2:650
6190 " /* Set CPU time limit of target process; retrieve and display\n"
6191 " previous limit */\n"
6195 #: build/C/man2/getrlimit.2:655
6198 " if (prlimit(pid, RLIMIT_CPU, newp, &old) == -1)\n"
6199 " errExit(\"prlimit-1\");\n"
6200 " printf(\"Previous limits: soft=%lld; hard=%lld\\en\",\n"
6201 " (long long) old.rlim_cur, (long long) old.rlim_max);\n"
6205 #: build/C/man2/getrlimit.2:657
6207 msgid " /* Retrieve and display new CPU time limit */\n"
6211 #: build/C/man2/getrlimit.2:662
6214 " if (prlimit(pid, RLIMIT_CPU, NULL, &old) == -1)\n"
6215 " errExit(\"prlimit-2\");\n"
6216 " printf(\"New limits: soft=%lld; hard=%lld\\en\",\n"
6217 " (long long) old.rlim_cur, (long long) old.rlim_max);\n"
6221 #: build/C/man2/getrlimit.2:665
6224 " exit(EXIT_FAILURE);\n"
6229 #: build/C/man2/getrlimit.2:684
6231 "B<prlimit>(1), B<dup>(2), B<fcntl>(2), B<fork>(2), B<getrusage>(2), "
6232 "B<mlock>(2), B<mmap>(2), B<open>(2), B<quotactl>(2), B<sbrk>(2), "
6233 "B<shmctl>(2), B<malloc>(3), B<sigqueue>(3), B<ulimit>(3), B<core>(5), "
6234 "B<capabilities>(7), B<signal>(7)"
6238 #: build/C/man2/getrusage.2:39
6244 #: build/C/man2/getrusage.2:42
6245 msgid "getrusage - get resource usage"
6249 #: build/C/man2/getrusage.2:48
6250 msgid "B<int getrusage(int >I<who>B<, struct rusage *>I<usage>B<);>"
6254 #: build/C/man2/getrusage.2:54
6256 "B<getrusage>() returns resource usage measures for I<who>, which can be one "
6261 #: build/C/man2/getrusage.2:54
6263 msgid "B<RUSAGE_SELF>"
6267 #: build/C/man2/getrusage.2:58
6269 "Return resource usage statistics for the calling process, which is the sum "
6270 "of resources used by all threads in the process."
6274 #: build/C/man2/getrusage.2:58
6276 msgid "B<RUSAGE_CHILDREN>"
6280 #: build/C/man2/getrusage.2:65
6282 "Return resource usage statistics for all children of the calling process "
6283 "that have terminated and been waited for. These statistics will include the "
6284 "resources used by grandchildren, and further removed descendants, if all of "
6285 "the intervening descendants waited on their terminated children."
6289 #: build/C/man2/getrusage.2:65
6291 msgid "B<RUSAGE_THREAD> (since Linux 2.6.26)"
6295 #: build/C/man2/getrusage.2:75
6297 "Return resource usage statistics for the calling thread. The B<_GNU_SOURCE> "
6298 "feature test macro must be defined (before including I<any> header file) in "
6299 "order to obtain the definition of this constant from "
6300 "I<E<lt>sys/resource.hE<gt>>."
6304 #: build/C/man2/getrusage.2:79
6306 "The resource usages are returned in the structure pointed to by I<usage>, "
6307 "which has the following form:"
6311 #: build/C/man2/getrusage.2:100
6315 " struct timeval ru_utime; /* user CPU time used */\n"
6316 " struct timeval ru_stime; /* system CPU time used */\n"
6317 " long ru_maxrss; /* maximum resident set size */\n"
6318 " long ru_ixrss; /* integral shared memory size */\n"
6319 " long ru_idrss; /* integral unshared data size */\n"
6320 " long ru_isrss; /* integral unshared stack size */\n"
6321 " long ru_minflt; /* page reclaims (soft page faults) */\n"
6322 " long ru_majflt; /* page faults (hard page faults) */\n"
6323 " long ru_nswap; /* swaps */\n"
6324 " long ru_inblock; /* block input operations */\n"
6325 " long ru_oublock; /* block output operations */\n"
6326 " long ru_msgsnd; /* IPC messages sent */\n"
6327 " long ru_msgrcv; /* IPC messages received */\n"
6328 " long ru_nsignals; /* signals received */\n"
6329 " long ru_nvcsw; /* voluntary context switches */\n"
6330 " long ru_nivcsw; /* involuntary context switches */\n"
6335 #: build/C/man2/getrusage.2:108
6337 "Not all fields are completed; unmaintained fields are set to zero by the "
6338 "kernel. (The unmaintained fields are provided for compatibility with other "
6339 "systems, and because they may one day be supported on Linux.) The fields "
6340 "are interpreted as follows:"
6344 #: build/C/man2/getrusage.2:108
6350 #: build/C/man2/getrusage.2:114
6352 "This is the total amount of time spent executing in user mode, expressed in "
6353 "a I<timeval> structure (seconds plus microseconds)."
6357 #: build/C/man2/getrusage.2:114
6363 #: build/C/man2/getrusage.2:120
6365 "This is the total amount of time spent executing in kernel mode, expressed "
6366 "in a I<timeval> structure (seconds plus microseconds)."
6370 #: build/C/man2/getrusage.2:120
6372 msgid "I<ru_maxrss> (since Linux 2.6.32)"
6376 #: build/C/man2/getrusage.2:127
6378 "This is the maximum resident set size used (in kilobytes). For "
6379 "B<RUSAGE_CHILDREN>, this is the resident set size of the largest child, not "
6380 "the maximum resident set size of the process tree."
6384 #: build/C/man2/getrusage.2:127
6386 msgid "I<ru_ixrss> (unmaintained)"
6389 #. On some systems, this field records the number of signals received.
6391 #: build/C/man2/getrusage.2:133 build/C/man2/getrusage.2:138 build/C/man2/getrusage.2:143 build/C/man2/getrusage.2:155 build/C/man2/getrusage.2:167 build/C/man2/getrusage.2:173 build/C/man2/getrusage.2:177
6392 msgid "This field is currently unused on Linux."
6396 #: build/C/man2/getrusage.2:133
6398 msgid "I<ru_idrss> (unmaintained)"
6402 #: build/C/man2/getrusage.2:138
6404 msgid "I<ru_isrss> (unmaintained)"
6408 #: build/C/man2/getrusage.2:143
6410 msgid "I<ru_minflt>"
6414 #: build/C/man2/getrusage.2:148
6416 "The number of page faults serviced without any I/O activity; here I/O "
6417 "activity is avoided by ``reclaiming'' a page frame from the list of pages "
6418 "awaiting reallocation."
6422 #: build/C/man2/getrusage.2:148
6424 msgid "I<ru_majflt>"
6428 #: build/C/man2/getrusage.2:151
6429 msgid "The number of page faults serviced that required I/O activity."
6433 #: build/C/man2/getrusage.2:151
6435 msgid "I<ru_nswap> (unmaintained)"
6439 #: build/C/man2/getrusage.2:155
6441 msgid "I<ru_inblock> (since Linux 2.6.22)"
6445 #: build/C/man2/getrusage.2:158
6446 msgid "The number of times the filesystem had to perform input."
6450 #: build/C/man2/getrusage.2:158
6452 msgid "I<ru_oublock> (since Linux 2.6.22)"
6456 #: build/C/man2/getrusage.2:161
6457 msgid "The number of times the filesystem had to perform output."
6461 #: build/C/man2/getrusage.2:161
6463 msgid "I<ru_msgsnd> (unmaintained)"
6467 #: build/C/man2/getrusage.2:167
6469 msgid "I<ru_msgrcv> (unmaintained)"
6473 #: build/C/man2/getrusage.2:173
6475 msgid "I<ru_nsignals> (unmaintained)"
6479 #: build/C/man2/getrusage.2:177
6481 msgid "I<ru_nvcsw> (since Linux 2.6)"
6485 #: build/C/man2/getrusage.2:182
6487 "The number of times a context switch resulted due to a process voluntarily "
6488 "giving up the processor before its time slice was completed (usually to "
6489 "await availability of a resource)."
6493 #: build/C/man2/getrusage.2:182
6495 msgid "I<ru_nivcsw> (since Linux 2.6)"
6499 #: build/C/man2/getrusage.2:187
6501 "The number of times a context switch resulted due to a higher priority "
6502 "process becoming runnable or because the current process exceeded its time "
6507 #: build/C/man2/getrusage.2:198
6508 msgid "I<usage> points outside the accessible address space."
6512 #: build/C/man2/getrusage.2:202
6513 msgid "I<who> is invalid."
6517 #: build/C/man2/getrusage.2:210
6519 "SVr4, 4.3BSD. POSIX.1-2001 specifies B<getrusage>(), but specifies only the "
6520 "fields I<ru_utime> and I<ru_stime>."
6524 #: build/C/man2/getrusage.2:213
6525 msgid "B<RUSAGE_THREAD> is Linux-specific."
6529 #: build/C/man2/getrusage.2:216
6530 msgid "Resource usage metrics are preserved across an B<execve>(2)."
6534 #: build/C/man2/getrusage.2:224
6536 "Including I<E<lt>sys/time.hE<gt>> is not required these days, but increases "
6537 "portability. (Indeed, I<struct timeval> is defined in "
6538 "I<E<lt>sys/time.hE<gt>>.)"
6541 #. See the description of getrusage() in XSH.
6542 #. A similar statement was also in SUSv2.
6544 #: build/C/man2/getrusage.2:236
6546 "In Linux kernel versions before 2.6.9, if the disposition of B<SIGCHLD> is "
6547 "set to B<SIG_IGN> then the resource usages of child processes are "
6548 "automatically included in the value returned by B<RUSAGE_CHILDREN>, although "
6549 "POSIX.1-2001 explicitly prohibits this. This nonconformance is rectified in "
6550 "Linux 2.6.9 and later."
6554 #: build/C/man2/getrusage.2:239
6556 "The structure definition shown at the start of this page was taken from "
6561 #: build/C/man2/getrusage.2:248
6563 "Ancient systems provided a B<vtimes>() function with a similar purpose to "
6564 "B<getrusage>(). For backward compatibility, glibc also provides "
6565 "B<vtimes>(). All new applications should be written using B<getrusage>()."
6569 #: build/C/man2/getrusage.2:253
6570 msgid "See also the description of I</proc/PID/stat> in B<proc>(5)."
6574 #: build/C/man2/getrusage.2:260
6576 "B<clock_gettime>(2), B<getrlimit>(2), B<times>(2), B<wait>(2), B<wait4>(2), "
6581 #: build/C/man2/getsid.2:26
6587 #: build/C/man2/getsid.2:26
6593 #: build/C/man2/getsid.2:29
6594 msgid "getsid - get session ID"
6598 #: build/C/man2/getsid.2:33
6599 msgid "B<pid_t getsid(pid_t>I< pid>B<);>"
6603 #: build/C/man2/getsid.2:42
6604 msgid "B<getsid>():"
6608 #: build/C/man2/getsid.2:45 build/C/man2/setpgid.2:79
6609 msgid "_XOPEN_SOURCE\\ E<gt>=\\ 500 || _XOPEN_SOURCE\\ &&\\ _XOPEN_SOURCE_EXTENDED"
6613 #: build/C/man2/getsid.2:47 build/C/man2/setpgid.2:81
6614 msgid "|| /* Since glibc 2.12: */ _POSIX_C_SOURCE\\ E<gt>=\\ 200809L"
6618 #: build/C/man2/getsid.2:58
6620 "I<getsid(0)> returns the session ID of the calling process. I<getsid(p)> "
6621 "returns the session ID of the process with process ID I<p>. (The session ID "
6622 "of a process is the process group ID of the session leader.)"
6626 #: build/C/man2/getsid.2:63
6628 "On success, a session ID is returned. On error, I<(pid_t)\\ -1> will be "
6629 "returned, and I<errno> is set appropriately."
6633 #: build/C/man2/getsid.2:70
6635 "A process with process ID I<p> exists, but it is not in the same session as "
6636 "the calling process, and the implementation considers this an error."
6640 #: build/C/man2/getsid.2:75
6641 msgid "No process with process ID I<p> was found."
6644 #. Linux has this system call since Linux 1.3.44.
6645 #. There is libc support since libc 5.2.19.
6647 #: build/C/man2/getsid.2:79
6648 msgid "This system call is available on Linux since version 2.0."
6652 #: build/C/man2/getsid.2:81 build/C/man2/setgid.2:68 build/C/man2/setsid.2:67
6653 msgid "SVr4, POSIX.1-2001."
6657 #: build/C/man2/getsid.2:84
6658 msgid "Linux does not return B<EPERM>."
6662 #: build/C/man2/getsid.2:88
6663 msgid "B<getpgid>(2), B<setsid>(2), B<credentials>(7)"
6667 #: build/C/man2/getuid.2:26
6673 #: build/C/man2/getuid.2:29
6674 msgid "getuid, geteuid - get user identity"
6678 #: build/C/man2/getuid.2:35
6679 msgid "B<uid_t getuid(void);>"
6683 #: build/C/man2/getuid.2:37
6684 msgid "B<uid_t geteuid(void);>"
6688 #: build/C/man2/getuid.2:40
6689 msgid "B<getuid>() returns the real user ID of the calling process."
6693 #: build/C/man2/getuid.2:43
6694 msgid "B<geteuid>() returns the effective user ID of the calling process."
6698 #: build/C/man2/getuid.2:48
6704 #: build/C/man2/getuid.2:57
6706 "In UNIX\\ V6 the B<getuid>() call returned I<(euid E<lt>E<lt> 8) + uid>. "
6707 "UNIX\\ V7 introduced separate calls B<getuid>() and B<geteuid>()."
6711 #: build/C/man2/getuid.2:73
6713 "The original Linux B<getuid>() and B<geteuid>() system calls supported "
6714 "only 16-bit user IDs. Subsequently, Linux 2.4 added B<getuid32>() and "
6715 "B<geteuid32>(), supporting 32-bit IDs. The glibc B<getuid>() and "
6716 "B<geteuid>() wrapper functions transparently deal with the variations "
6717 "across kernel versions."
6721 #: build/C/man2/getuid.2:78
6722 msgid "B<getresuid>(2), B<setreuid>(2), B<setuid>(2), B<credentials>(7)"
6726 #: build/C/man2/iopl.2:33
6732 #: build/C/man2/iopl.2:33
6738 #: build/C/man2/iopl.2:36
6739 msgid "iopl - change I/O privilege level"
6743 #: build/C/man2/iopl.2:38
6744 msgid "B<#include E<lt>sys/io.hE<gt>>"
6748 #: build/C/man2/iopl.2:40
6749 msgid "B<int iopl(int >I<level>B<);>"
6753 #: build/C/man2/iopl.2:45
6755 "B<iopl>() changes the I/O privilege level of the calling process, as "
6756 "specified by the two least significant bits in I<level>."
6760 #: build/C/man2/iopl.2:51
6762 "This call is necessary to allow 8514-compatible X servers to run under "
6763 "Linux. Since these X servers require access to all 65536 I/O ports, the "
6764 "B<ioperm>(2) call is not sufficient."
6768 #: build/C/man2/iopl.2:55
6770 "In addition to granting unrestricted I/O port access, running at a higher "
6771 "I/O privilege level also allows the process to disable interrupts. This "
6772 "will probably crash the system, and is not recommended."
6776 #: build/C/man2/iopl.2:60
6777 msgid "Permissions are inherited by B<fork>(2) and B<execve>(2)."
6781 #: build/C/man2/iopl.2:62
6782 msgid "The I/O privilege level for a normal process is 0."
6786 #: build/C/man2/iopl.2:66
6788 "This call is mostly for the i386 architecture. On many other architectures "
6789 "it does not exist or will always return an error."
6793 #: build/C/man2/iopl.2:76
6794 msgid "I<level> is greater than 3."
6798 #: build/C/man2/iopl.2:79
6799 msgid "This call is unimplemented."
6803 #: build/C/man2/iopl.2:87
6805 "The calling process has insufficient privilege to call B<iopl>(); the "
6806 "B<CAP_SYS_RAWIO> capability is required to raise the I/O privilege level "
6807 "above its current value."
6811 #: build/C/man2/iopl.2:91
6813 "B<iopl>() is Linux-specific and should not be used in programs that are "
6814 "intended to be portable."
6818 #: build/C/man2/iopl.2:100
6820 "Libc5 treats it as a system call and has a prototype in "
6821 "I<E<lt>unistd.hE<gt>>. Glibc1 does not have a prototype. Glibc2 has a "
6822 "prototype both in I<E<lt>sys/io.hE<gt>> and in I<E<lt>sys/perm.hE<gt>>. "
6823 "Avoid the latter, it is available on i386 only."
6827 #: build/C/man2/iopl.2:104
6828 msgid "B<ioperm>(2), B<outb>(2), B<capabilities>(7)"
6832 #: build/C/man2/ioprio_set.2:24
6838 #: build/C/man2/ioprio_set.2:24 build/C/man7/svipc.7:40
6844 #: build/C/man2/ioprio_set.2:27
6845 msgid "ioprio_get, ioprio_set - get/set I/O scheduling class and priority"
6849 #: build/C/man2/ioprio_set.2:31
6852 "B<int ioprio_get(int >I<which>B<, int >I<who>B<);>\n"
6853 "B<int ioprio_set(int >I<which>B<, int >I<who>B<, int >I<ioprio>B<);>\n"
6857 #: build/C/man2/ioprio_set.2:35
6858 msgid "I<Note>: There are no glibc wrappers for these system calls; see NOTES."
6862 #: build/C/man2/ioprio_set.2:42
6864 "The B<ioprio_get>() and B<ioprio_set>() system calls respectively get and "
6865 "set the I/O scheduling class and priority of one or more threads."
6869 #: build/C/man2/ioprio_set.2:54
6871 "The I<which> and I<who> arguments identify the thread(s) on which the system "
6872 "calls operate. The I<which> argument determines how I<who> is interpreted, "
6873 "and has one of the following values:"
6877 #: build/C/man2/ioprio_set.2:54
6879 msgid "B<IOPRIO_WHO_PROCESS>"
6883 #: build/C/man2/ioprio_set.2:61
6885 "I<who> is a process ID or thread ID identifying a single process or thread. "
6886 "If I<who> is 0, then operate on the calling thread."
6890 #: build/C/man2/ioprio_set.2:61
6892 msgid "B<IOPRIO_WHO_PGRP>"
6896 #: build/C/man2/ioprio_set.2:68
6898 "I<who> is a process group ID identifying all the members of a process "
6899 "group. If I<who> is 0, then operate on the process group of which the "
6900 "caller is a member."
6904 #: build/C/man2/ioprio_set.2:68
6906 msgid "B<IOPRIO_WHO_USER>"
6909 #. FIXME who==0 needs to be documented,
6910 #. See http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=652443
6912 #: build/C/man2/ioprio_set.2:75
6914 "I<who> is a user ID identifying all of the processes that have a matching "
6919 #: build/C/man2/ioprio_set.2:98
6921 "If I<which> is specified as B<IOPRIO_WHO_PGRP> or B<IOPRIO_WHO_USER> when "
6922 "calling B<ioprio_get>(), and more than one process matches I<who>, then the "
6923 "returned priority will be the highest one found among all of the matching "
6924 "processes. One priority is said to be higher than another one if it belongs "
6925 "to a higher priority class (B<IOPRIO_CLASS_RT> is the highest priority "
6926 "class; B<IOPRIO_CLASS_IDLE> is the lowest) or if it belongs to the same "
6927 "priority class as the other process but has a higher priority level (a lower "
6928 "priority number means a higher priority level)."
6932 #: build/C/man2/ioprio_set.2:108
6934 "The I<ioprio> argument given to B<ioprio_set>() is a bit mask that "
6935 "specifies both the scheduling class and the priority to be assigned to the "
6936 "target process(es). The following macros are used for assembling and "
6937 "dissecting I<ioprio> values:"
6941 #: build/C/man2/ioprio_set.2:108
6943 msgid "B<IOPRIO_PRIO_VALUE(>I<class>B<, >I<data>B<)>"
6947 #: build/C/man2/ioprio_set.2:117
6949 "Given a scheduling I<class> and priority (I<data>), this macro combines the "
6950 "two values to produce an I<ioprio> value, which is returned as the result of "
6955 #: build/C/man2/ioprio_set.2:117
6957 msgid "B<IOPRIO_PRIO_CLASS(>I<mask>B<)>"
6961 #: build/C/man2/ioprio_set.2:129
6963 "Given I<mask> (an I<ioprio> value), this macro returns its I/O class "
6964 "component, that is, one of the values B<IOPRIO_CLASS_RT>, "
6965 "B<IOPRIO_CLASS_BE>, or B<IOPRIO_CLASS_IDLE>."
6969 #: build/C/man2/ioprio_set.2:129
6971 msgid "B<IOPRIO_PRIO_DATA(>I<mask>B<)>"
6975 #: build/C/man2/ioprio_set.2:138
6977 "Given I<mask> (an I<ioprio> value), this macro returns its priority "
6978 "(I<data>) component."
6982 #: build/C/man2/ioprio_set.2:141
6984 "See the NOTES section for more information on scheduling classes and "
6989 #: build/C/man2/ioprio_set.2:149
6991 "I/O priorities are supported for reads and for synchronous (B<O_DIRECT>, "
6992 "B<O_SYNC>) writes. I/O priorities are not supported for asynchronous "
6993 "writes because they are issued outside the context of the program dirtying "
6994 "the memory, and thus program-specific priorities do not apply."
6998 #: build/C/man2/ioprio_set.2:162
7000 "On success, B<ioprio_get>() returns the I<ioprio> value of the process with "
7001 "highest I/O priority of any of the processes that match the criteria "
7002 "specified in I<which> and I<who>. On error, -1 is returned, and I<errno> is "
7003 "set to indicate the error."
7007 #: build/C/man2/ioprio_set.2:169
7009 "On success, B<ioprio_set>() returns 0. On error, -1 is returned, and "
7010 "I<errno> is set to indicate the error."
7014 #: build/C/man2/ioprio_set.2:179
7016 "Invalid value for I<which> or I<ioprio>. Refer to the NOTES section for "
7017 "available scheduler classes and priority levels for I<ioprio>."
7021 #: build/C/man2/ioprio_set.2:187
7023 "The calling process does not have the privilege needed to assign this "
7024 "I<ioprio> to the specified process(es). See the NOTES section for more "
7025 "information on required privileges for B<ioprio_set>()."
7029 #: build/C/man2/ioprio_set.2:193
7031 "No process(es) could be found that matched the specification in I<which> and "
7036 #: build/C/man2/ioprio_set.2:196
7037 msgid "These system calls have been available on Linux since kernel 2.6.13."
7041 #: build/C/man2/ioprio_set.2:201
7043 "Glibc does not provide a wrapper for these system calls; call them using "
7048 #: build/C/man2/ioprio_set.2:220
7050 "Two or more processes or threads can share an I/O context. This will be the "
7051 "case when B<clone>(2) was called with the B<CLONE_IO> flag. However, by "
7052 "default, the distinct threads of a process will B<not> share the same I/O "
7053 "context. This means that if you want to change the I/O priority of all "
7054 "threads in a process, you may need to call B<ioprio_set>() on each of the "
7055 "threads. The thread ID that you would need for this operation is the one "
7056 "that is returned by B<gettid>(2) or B<clone>(2)."
7060 #: build/C/man2/ioprio_set.2:225
7062 "These system calls have an effect only when used in conjunction with an I/O "
7063 "scheduler that supports I/O priorities. As at kernel 2.6.17 the only such "
7064 "scheduler is the Completely Fair Queuing (CFQ) I/O scheduler."
7068 #: build/C/man2/ioprio_set.2:225
7070 msgid "Selecting an I/O scheduler"
7074 #: build/C/man2/ioprio_set.2:229
7076 "I/O Schedulers are selected on a per-device basis via the special file "
7077 "I</sys/block/E<lt>deviceE<gt>/queue/scheduler>."
7081 #: build/C/man2/ioprio_set.2:235
7083 "One can view the current I/O scheduler via the I</sys> filesystem. For "
7084 "example, the following command displays a list of all schedulers currently "
7085 "loaded in the kernel:"
7089 #: build/C/man2/ioprio_set.2:240
7092 "$B< cat /sys/block/hda/queue/scheduler>\n"
7093 "noop anticipatory deadline [cfq]\n"
7097 #: build/C/man2/ioprio_set.2:254
7099 "The scheduler surrounded by brackets is the one actually in use for the "
7100 "device (I<hda> in the example). Setting another scheduler is done by "
7101 "writing the name of the new scheduler to this file. For example, the "
7102 "following command will set the scheduler for the I<hda> device to I<cfq>:"
7106 #: build/C/man2/ioprio_set.2:260
7111 "#B< echo cfq E<gt> /sys/block/hda/queue/scheduler>\n"
7115 #: build/C/man2/ioprio_set.2:262
7117 msgid "The Completely Fair Queuing (CFQ) I/O scheduler"
7121 #: build/C/man2/ioprio_set.2:268
7123 "Since v3 (aka CFQ Time Sliced) CFQ implements I/O nice levels similar to "
7124 "those of CPU scheduling. These nice levels are grouped in three scheduling "
7125 "classes each one containing one or more priority levels:"
7129 #: build/C/man2/ioprio_set.2:268
7131 msgid "B<IOPRIO_CLASS_RT> (1)"
7135 #: build/C/man2/ioprio_set.2:283
7137 "This is the real-time I/O class. This scheduling class is given higher "
7138 "priority than any other class: processes from this class are given first "
7139 "access to the disk every time. Thus this I/O class needs to be used with "
7140 "some care: one I/O real-time process can starve the entire system. Within "
7141 "the real-time class, there are 8 levels of class data (priority) that "
7142 "determine exactly how much time this process needs the disk for on each "
7143 "service. The highest real-time priority level is 0; the lowest is 7. In "
7144 "the future this might change to be more directly mappable to performance, by "
7145 "passing in a desired data rate instead."
7149 #: build/C/man2/ioprio_set.2:283
7151 msgid "B<IOPRIO_CLASS_BE> (2)"
7155 #: build/C/man2/ioprio_set.2:296
7157 "This is the best-effort scheduling class, which is the default for any "
7158 "process that hasn't set a specific I/O priority. The class data (priority) "
7159 "determines how much I/O bandwidth the process will get. Best-effort "
7160 "priority levels are analogous to CPU nice values (see B<getpriority>(2)). "
7161 "The priority level determines a priority relative to other processes in the "
7162 "best-effort scheduling class. Priority levels range from 0 (highest) to 7 "
7167 #: build/C/man2/ioprio_set.2:296
7169 msgid "B<IOPRIO_CLASS_IDLE> (3)"
7173 #: build/C/man2/ioprio_set.2:305
7175 "This is the idle scheduling class. Processes running at this level only get "
7176 "I/O time when no-one else needs the disk. The idle class has no class "
7177 "data. Attention is required when assigning this priority class to a "
7178 "process, since it may become starved if higher priority processes are "
7179 "constantly accessing the disk."
7183 #: build/C/man2/ioprio_set.2:309
7185 "Refer to I<Documentation/block/ioprio.txt> for more information on the CFQ "
7186 "I/O Scheduler and an example program."
7190 #: build/C/man2/ioprio_set.2:309
7192 msgid "Required permissions to set I/O priorities"
7196 #: build/C/man2/ioprio_set.2:312
7198 "Permission to change a process's priority is granted or denied based on two "
7203 #: build/C/man2/ioprio_set.2:312
7205 msgid "B<Process ownership>"
7209 #: build/C/man2/ioprio_set.2:320
7211 "An unprivileged process may set only the I/O priority of a process whose "
7212 "real UID matches the real or effective UID of the calling process. A "
7213 "process which has the B<CAP_SYS_NICE> capability can change the priority of "
7218 #: build/C/man2/ioprio_set.2:320
7220 msgid "B<What is the desired priority>"
7224 #: build/C/man2/ioprio_set.2:332
7226 "Attempts to set very high priorities (B<IOPRIO_CLASS_RT>) require the "
7227 "B<CAP_SYS_ADMIN> capability. Kernel versions up to 2.6.24 also required "
7228 "B<CAP_SYS_ADMIN> to set a very low priority (B<IOPRIO_CLASS_IDLE>), but "
7229 "since Linux 2.6.25, this is no longer required."
7233 #: build/C/man2/ioprio_set.2:337
7235 "A call to B<ioprio_set>() must follow both rules, or the call will fail "
7236 "with the error B<EPERM>."
7239 #. 6 May 07: Bug report raised:
7240 #. http://sources.redhat.com/bugzilla/show_bug.cgi?id=4464
7241 #. Ulrich Drepper replied that he wasn't going to add these
7244 #: build/C/man2/ioprio_set.2:346
7246 "Glibc does not yet provide a suitable header file defining the function "
7247 "prototypes and macros described on this page. Suitable definitions can be "
7248 "found in I<linux/ioprio.h>."
7252 #: build/C/man2/ioprio_set.2:351
7253 msgid "B<ionice>(1), B<getpriority>(2), B<open>(2), B<capabilities>(7)"
7257 #: build/C/man2/ioprio_set.2:354
7258 msgid "I<Documentation/block/ioprio.txt> in the Linux kernel source tree"
7262 #: build/C/man2/ipc.2:25
7268 #: build/C/man2/ipc.2:25
7274 #: build/C/man2/ipc.2:28
7275 msgid "ipc - System V IPC system calls"
7279 #: build/C/man2/ipc.2:33
7282 "B<int ipc(unsigned int >I<call>B<, int >I<first>B<, int >I<second>B<, int "
7284 "B< void *>I<ptr>B<, long >I<fifth>B<);>\n"
7288 #: build/C/man2/ipc.2:41
7290 "B<ipc>() is a common kernel entry point for the System\\ V IPC calls for "
7291 "messages, semaphores, and shared memory. I<call> determines which IPC "
7292 "function to invoke; the other arguments are passed through to the "
7297 #: build/C/man2/ipc.2:45
7299 "User programs should call the appropriate functions by their usual names. "
7300 "Only standard library implementors and kernel hackers need to know about "
7305 #: build/C/man2/ipc.2:49
7307 "B<ipc>() is Linux-specific, and should not be used in programs intended to "
7312 #: build/C/man2/ipc.2:57
7314 "On some architectures\\(emfor example x86-64 and ARM\\(emthere is no "
7315 "B<ipc>() system call; instead B<msgctl>(2), B<semctl>(2), B<shmctl>(2), and "
7316 "so on really are implemented as separate system calls."
7320 #: build/C/man2/ipc.2:70
7322 "B<msgctl>(2), B<msgget>(2), B<msgrcv>(2), B<msgsnd>(2), B<semctl>(2), "
7323 "B<semget>(2), B<semop>(2), B<semtimedop>(2), B<shmat>(2), B<shmctl>(2), "
7324 "B<shmdt>(2), B<shmget>(2)"
7328 #: build/C/man2/seteuid.2:29
7334 #: build/C/man2/seteuid.2:29
7340 #: build/C/man2/seteuid.2:32
7341 msgid "seteuid, setegid - set effective user or group ID"
7345 #: build/C/man2/seteuid.2:38
7346 msgid "B<int seteuid(uid_t >I<euid>B<);>"
7350 #: build/C/man2/seteuid.2:40
7351 msgid "B<int setegid(gid_t >I<egid>B<);>"
7355 #: build/C/man2/seteuid.2:49
7356 msgid "B<seteuid>(), B<setegid>():"
7360 #: build/C/man2/seteuid.2:51
7362 "_BSD_SOURCE || _POSIX_C_SOURCE\\ E<gt>=\\ 200112L || _XOPEN_SOURCE\\ "
7367 #: build/C/man2/seteuid.2:58
7369 "B<seteuid>() sets the effective user ID of the calling process. "
7370 "Unprivileged user processes may only set the effective user ID to the real "
7371 "user ID, the effective user ID or the saved set-user-ID."
7376 #. equals \-1, nothing is changed.
7377 #. (This is an artifact of the implementation in glibc of seteuid()
7378 #. using setresuid(2).)
7380 #: build/C/man2/seteuid.2:67
7382 "Precisely the same holds for B<setegid>() with \"group\" instead of "
7387 #: build/C/man2/seteuid.2:91
7389 "The calling process is not privileged (Linux: does not have the "
7390 "B<CAP_SETUID> capability in the case of B<seteuid>(), or the B<CAP_SETGID> "
7391 "capability in the case of B<setegid>()) and I<euid> (respectively, I<egid>) "
7392 "is not the real user (group) ID, the effective user (group) ID, or the saved "
7393 "set-user-ID (saved set-group-ID)."
7397 #: build/C/man2/seteuid.2:93
7398 msgid "4.3BSD, POSIX.1-2001."
7402 #: build/C/man2/seteuid.2:99
7404 "Setting the effective user (group) ID to the saved set-user-ID (saved "
7405 "set-group-ID) is possible since Linux 1.1.37 (1.1.38). On an arbitrary "
7406 "system one should check B<_POSIX_SAVED_IDS>."
7410 #: build/C/man2/seteuid.2:115
7412 "Under libc4, libc5 and glibc 2.0 B<seteuid(>I<euid>B<)> is equivalent to "
7413 "B<setreuid(-1,>I< euid>B<)> and hence may change the saved set-user-ID. "
7414 "Under glibc 2.1 and later it is equivalent to B<setresuid(-1,>I< euid>B<, "
7415 "-1)> and hence does not change the saved set-user-ID. Analogous remarks "
7416 "hold for B<setegid>(), with the difference that the change in implementation "
7417 "from B<setregid(-1,>I< egid>B<)> to B<setresgid(-1,>I< egid>B<, -1)> "
7418 "occurred in glibc 2.2 or 2.3 (depending on the hardware architecture)."
7422 #: build/C/man2/seteuid.2:124
7424 "According to POSIX.1, B<seteuid>() (B<setegid>()) need not permit I<euid> "
7425 "(I<egid>) to be the same value as the current effective user (group) ID, "
7426 "and some implementations do not permit this."
7430 #: build/C/man2/seteuid.2:131
7432 "B<geteuid>(2), B<setresuid>(2), B<setreuid>(2), B<setuid>(2), "
7433 "B<capabilities>(7), B<credentials>(7)"
7437 #: build/C/man2/setfsgid.2:31
7443 #: build/C/man2/setfsgid.2:31 build/C/man2/setfsuid.2:31
7449 #: build/C/man2/setfsgid.2:34
7450 msgid "setfsgid - set group identity used for filesystem checks"
7454 #: build/C/man2/setfsgid.2:36 build/C/man2/setfsuid.2:36
7455 msgid "B<#include E<lt>sys/fsuid.hE<gt>>"
7459 #: build/C/man2/setfsgid.2:38
7460 msgid "B<int setfsgid(uid_t >I<fsgid>B<);>"
7464 #: build/C/man2/setfsgid.2:51
7466 "The system call B<setfsgid>() changes the value of the caller's filesystem "
7467 "group ID\\(emthe group ID that the Linux kernel uses to check for all "
7468 "accesses to the filesystem. Normally, the value of the filesystem group ID "
7469 "will shadow the value of the effective group ID. In fact, whenever the "
7470 "effective group ID is changed, the filesystem group ID will also be changed "
7471 "to the new value of the effective group ID."
7475 #: build/C/man2/setfsgid.2:62
7477 "Explicit calls to B<setfsuid>(2) and B<setfsgid>() are usually used only "
7478 "by programs such as the Linux NFS server that need to change what user and "
7479 "group ID is used for file access without a corresponding change in the real "
7480 "and effective user and group IDs. A change in the normal user IDs for a "
7481 "program such as the NFS server is a security hole that can expose it to "
7482 "unwanted signals. (But see below.)"
7486 #: build/C/man2/setfsgid.2:68
7488 "B<setfsgid>() will succeed only if the caller is the superuser or if "
7489 "I<fsgid> matches either the caller's real group ID, effective group ID, "
7490 "saved set-group-ID, or current the filesystem user ID."
7494 #: build/C/man2/setfsgid.2:71
7496 "On both success and failure, this call returns the previous filesystem group "
7500 #. This system call is present since Linux 1.1.44
7501 #. and in libc since libc 4.7.6.
7503 #: build/C/man2/setfsgid.2:75 build/C/man2/setfsuid.2:75
7504 msgid "This system call is present in Linux since version 1.2."
7508 #: build/C/man2/setfsgid.2:79
7510 "B<setfsgid>() is Linux-specific and should not be used in programs intended "
7515 #: build/C/man2/setfsgid.2:85
7517 "When glibc determines that the argument is not a valid group ID, it will "
7518 "return -1 and set I<errno> to B<EINVAL> without attempting the system call."
7522 #: build/C/man2/setfsgid.2:96
7524 "Note that at the time this system call was introduced, a process could send "
7525 "a signal to a process with the same effective user ID. Today signal "
7526 "permission handling is slightly different. See B<setfsuid>(2) for a "
7527 "discussion of why the use of both B<setfsuid>(2) and B<setfsgid>() is "
7528 "nowadays unneeded."
7532 #: build/C/man2/setfsgid.2:106
7534 "The original Linux B<setfsgid>() system call supported only 16-bit group "
7535 "IDs. Subsequently, Linux 2.4 added B<setfsgid32>() supporting 32-bit IDs. "
7536 "The glibc B<setfsgid>() wrapper function transparently deals with the "
7537 "variation across kernel versions."
7541 #: build/C/man2/setfsgid.2:123
7543 "No error indications of any kind are returned to the caller, and the fact "
7544 "that both successful and unsuccessful calls return the same value makes it "
7545 "impossible to directly determine whether the call succeeded or failed. "
7546 "Instead, the caller must resort to looking at the return value from a "
7547 "further call such as I<setfsgid(-1)> (which will always fail), in order to "
7548 "determine if a preceding call to B<setfsgid>() changed the filesystem group "
7549 "ID. At the very least, B<EPERM> should be returned when the call fails "
7550 "(because the caller lacks the B<CAP_SETGID> capability)."
7554 #: build/C/man2/setfsgid.2:128
7555 msgid "B<kill>(2), B<setfsuid>(2), B<capabilities>(7), B<credentials>(7)"
7559 #: build/C/man2/setfsuid.2:31
7565 #: build/C/man2/setfsuid.2:34
7566 msgid "setfsuid - set user identity used for filesystem checks"
7570 #: build/C/man2/setfsuid.2:38
7571 msgid "B<int setfsuid(uid_t >I<fsuid>B<);>"
7575 #: build/C/man2/setfsuid.2:51
7577 "The system call B<setfsuid>() changes the value of the caller's filesystem "
7578 "user ID\\(emthe user ID that the Linux kernel uses to check for all accesses "
7579 "to the filesystem. Normally, the value of the filesystem user ID will "
7580 "shadow the value of the effective user ID. In fact, whenever the effective "
7581 "user ID is changed, the filesystem user ID will also be changed to the new "
7582 "value of the effective user ID."
7586 #: build/C/man2/setfsuid.2:62
7588 "Explicit calls to B<setfsuid>() and B<setfsgid>(2) are usually used only "
7589 "by programs such as the Linux NFS server that need to change what user and "
7590 "group ID is used for file access without a corresponding change in the real "
7591 "and effective user and group IDs. A change in the normal user IDs for a "
7592 "program such as the NFS server is a security hole that can expose it to "
7593 "unwanted signals. (But see below.)"
7597 #: build/C/man2/setfsuid.2:68
7599 "B<setfsuid>() will succeed only if the caller is the superuser or if "
7600 "I<fsuid> matches either the caller's real user ID, effective user ID, saved "
7601 "set-user-ID, or current filesystem user ID."
7605 #: build/C/man2/setfsuid.2:71
7607 "On both success and failure, this call returns the previous filesystem user "
7612 #: build/C/man2/setfsuid.2:79
7614 "B<setfsuid>() is Linux-specific and should not be used in programs intended "
7619 #: build/C/man2/setfsuid.2:85
7621 "When glibc determines that the argument is not a valid user ID, it will "
7622 "return -1 and set I<errno> to B<EINVAL> without attempting the system call."
7626 #: build/C/man2/setfsuid.2:104
7628 "At the time when this system call was introduced, one process could send a "
7629 "signal to another process with the same effective user ID. This meant that "
7630 "if a privileged process changed its effective user ID for the purpose of "
7631 "file permission checking, then it could become vulnerable to receiving "
7632 "signals sent by another (unprivileged) process with the same user ID. The "
7633 "filesystem user ID attribute was thus added to allow a process to change its "
7634 "user ID for the purposes of file permission checking without at the same "
7635 "time becoming vulnerable to receiving unwanted signals. Since Linux 2.0, "
7636 "signal permission handling is different (see B<kill>(2)), with the result "
7637 "that a process change can change its effective user ID without being "
7638 "vulnerable to receiving signals from unwanted processes. Thus, "
7639 "B<setfsuid>() is nowadays unneeded and should be avoided in new "
7640 "applications (likewise for B<setfsgid>(2))."
7644 #: build/C/man2/setfsuid.2:114
7646 "The original Linux B<setfsuid>() system call supported only 16-bit user "
7647 "IDs. Subsequently, Linux 2.4 added B<setfsuid32>() supporting 32-bit IDs. "
7648 "The glibc B<setfsuid>() wrapper function transparently deals with the "
7649 "variation across kernel versions."
7653 #: build/C/man2/setfsuid.2:131
7655 "No error indications of any kind are returned to the caller, and the fact "
7656 "that both successful and unsuccessful calls return the same value makes it "
7657 "impossible to directly determine whether the call succeeded or failed. "
7658 "Instead, the caller must resort to looking at the return value from a "
7659 "further call such as I<setfsuid(-1)> (which will always fail), in order to "
7660 "determine if a preceding call to B<setfsuid>() changed the filesystem user "
7661 "ID. At the very least, B<EPERM> should be returned when the call fails "
7662 "(because the caller lacks the B<CAP_SETUID> capability)."
7666 #: build/C/man2/setfsuid.2:136
7667 msgid "B<kill>(2), B<setfsgid>(2), B<capabilities>(7), B<credentials>(7)"
7671 #: build/C/man2/setgid.2:29
7677 #: build/C/man2/setgid.2:32
7678 msgid "setgid - set group identity"
7682 #: build/C/man2/setgid.2:38
7683 msgid "B<int setgid(gid_t >I<gid>B<);>"
7687 #: build/C/man2/setgid.2:43
7689 "B<setgid>() sets the effective group ID of the calling process. If the "
7690 "caller is the superuser, the real GID and saved set-group-ID are also set."
7694 #: build/C/man2/setgid.2:53
7696 "Under Linux, B<setgid>() is implemented like the POSIX version with the "
7697 "B<_POSIX_SAVED_IDS> feature. This allows a set-group-ID program that is not "
7698 "set-user-ID-root to drop all of its group privileges, do some un-privileged "
7699 "work, and then reengage the original effective group ID in a secure manner."
7703 #: build/C/man2/setgid.2:66
7705 "The calling process is not privileged (does not have the B<CAP_SETGID> "
7706 "capability), and I<gid> does not match the real group ID or saved "
7707 "set-group-ID of the calling process."
7711 #: build/C/man2/setgid.2:78
7713 "The original Linux B<setgid>() system call supported only 16-bit group "
7714 "IDs. Subsequently, Linux 2.4 added B<setgid32>() supporting 32-bit IDs. "
7715 "The glibc B<setgid>() wrapper function transparently deals with the "
7716 "variation across kernel versions."
7720 #: build/C/man2/setgid.2:84
7722 "B<getgid>(2), B<setegid>(2), B<setregid>(2), B<capabilities>(7), "
7727 #: build/C/man2/setpgid.2:48
7733 #: build/C/man2/setpgid.2:48
7739 #: build/C/man2/setpgid.2:51
7740 msgid "setpgid, getpgid, setpgrp, getpgrp - set/get process group"
7744 #: build/C/man2/setpgid.2:55
7745 msgid "B<int setpgid(pid_t >I<pid>B<, pid_t >I<pgid>B<);>"
7749 #: build/C/man2/setpgid.2:57
7750 msgid "B<pid_t getpgid(pid_t >I<pid>B<);>"
7754 #: build/C/man2/setpgid.2:59
7755 msgid "B<pid_t getpgrp(void);> /* POSIX.1 version */"
7759 #: build/C/man2/setpgid.2:62
7761 "B<pid_t getpgrp(pid_t >I<pid>B<);\\ \\ \\ \\ \\ \\ \\ \\ \\ \\ \\ > /* BSD "
7766 #: build/C/man2/setpgid.2:64
7767 msgid "B<int setpgrp(void);> /* System V version */"
7771 #: build/C/man2/setpgid.2:67
7772 msgid "B<int setpgrp(pid_t >I<pid>B<, pid_t >I<pgid>B<);\\ > /* BSD version */"
7776 #: build/C/man2/setpgid.2:76
7777 msgid "B<getpgid>():"
7781 #: build/C/man2/setpgid.2:84
7782 msgid "B<setpgrp>() (POSIX.1):"
7786 #: build/C/man2/setpgid.2:87
7789 " _SVID_SOURCE || _XOPEN_SOURCE\\ E<gt>=\\ 500 ||\n"
7790 " _XOPEN_SOURCE\\ &&\\ _XOPEN_SOURCE_EXTENDED\n"
7794 #: build/C/man2/setpgid.2:89
7796 msgid " || /* Since glibc 2.19: */ _BSD_SOURCE\n"
7800 #: build/C/man2/setpgid.2:93
7801 msgid "B<setpgrp>()\\ (BSD), B<getpgrp>()\\ (BSD) [before glibc 2.19]:"
7805 #: build/C/man2/setpgid.2:97
7809 " !\\ (_POSIX_SOURCE || _POSIX_C_SOURCE || _XOPEN_SOURCE ||\n"
7810 " _XOPEN_SOURCE_EXTENDED || _GNU_SOURCE || _SVID_SOURCE)\n"
7814 #: build/C/man2/setpgid.2:109
7816 "All of these interfaces are available on Linux, and are used for getting and "
7817 "setting the process group ID (PGID) of a process. The preferred, "
7818 "POSIX.1-specified ways of doing this are: B<getpgrp>(void), for retrieving "
7819 "the calling process's PGID; and B<setpgid>(), for setting a process's PGID."
7823 #: build/C/man2/setpgid.2:134
7825 "B<setpgid>() sets the PGID of the process specified by I<pid> to I<pgid>. "
7826 "If I<pid> is zero, then the process ID of the calling process is used. If "
7827 "I<pgid> is zero, then the PGID of the process specified by I<pid> is made "
7828 "the same as its process ID. If B<setpgid>() is used to move a process from "
7829 "one process group to another (as is done by some shells when creating "
7830 "pipelines), both process groups must be part of the same session (see "
7831 "B<setsid>(2) and B<credentials>(7)). In this case, the I<pgid> specifies "
7832 "an existing process group to be joined and the session ID of that group must "
7833 "match the session ID of the joining process."
7837 #: build/C/man2/setpgid.2:139
7839 "The POSIX.1 version of B<getpgrp>(), which takes no arguments, returns the "
7840 "PGID of the calling process."
7844 #: build/C/man2/setpgid.2:150
7846 "B<getpgid>() returns the PGID of the process specified by I<pid>. If "
7847 "I<pid> is zero, the process ID of the calling process is used. (Retrieving "
7848 "the PGID of a process other than the caller is rarely necessary, and the "
7849 "POSIX.1 B<getpgrp>() is preferred for that task.)"
7853 #: build/C/man2/setpgid.2:155
7855 "The System\\ V-style B<setpgrp>(), which takes no arguments, is equivalent "
7856 "to I<setpgid(0,\\ 0)>."
7860 #: build/C/man2/setpgid.2:163
7862 "The BSD-specific B<setpgrp>() call, which takes arguments I<pid> and "
7863 "I<pgid>, is is a wrapper function that calls"
7867 #: build/C/man2/setpgid.2:165
7869 msgid " setpgid(pid, pgid)\n"
7872 #. The true BSD setpgrp() system call differs in allowing the PGID
7873 #. to be set to arbitrary values, rather than being restricted to
7874 #. PGIDs in the same session.
7876 #: build/C/man2/setpgid.2:176
7878 "Since glibc 2.19, the BSD-specific B<setpgrp>() function is no longer "
7879 "exposed by I<E<lt>unistd.hE<gt>>; calls should be replaced with the "
7880 "B<setpgid>() call shown above."
7884 #: build/C/man2/setpgid.2:182
7886 "The BSD-specific B<getpgrp>() call, which takes a single I<pid> argument, "
7887 "is a wrapper function that calls"
7891 #: build/C/man2/setpgid.2:184
7893 msgid " getpgid(pid)\n"
7897 #: build/C/man2/setpgid.2:195
7899 "Since glibc 2.19, the BSD-specific B<getpgrp>() function is no longer "
7900 "exposed by I<E<lt>unistd.hE<gt>>; calls should be replaced with calls to the "
7901 "POSIX.1 B<getpgrp>() which takes no arguments (if the intent is to obtain "
7902 "the caller's PGID), or with the B<getpgid>() call shown above."
7906 #: build/C/man2/setpgid.2:204
7908 "On success, B<setpgid>() and B<setpgrp>() return zero. On error, -1 is "
7909 "returned, and I<errno> is set appropriately."
7913 #: build/C/man2/setpgid.2:208
7914 msgid "The POSIX.1 B<getpgrp>() always returns the PGID of the caller."
7918 #: build/C/man2/setpgid.2:216
7920 "B<getpgid>(), and the BSD-specific B<getpgrp>() return a process group on "
7921 "success. On error, -1 is returned, and I<errno> is set appropriately."
7925 #: build/C/man2/setpgid.2:225
7927 "An attempt was made to change the process group ID of one of the children of "
7928 "the calling process and the child had already performed an B<execve>(2) "
7929 "(B<setpgid>(), B<setpgrp>())."
7933 #: build/C/man2/setpgid.2:231
7934 msgid "I<pgid> is less than 0 (B<setpgid>(), B<setpgrp>())."
7938 #: build/C/man2/setpgid.2:240
7940 "An attempt was made to move a process into a process group in a different "
7941 "session, or to change the process group ID of one of the children of the "
7942 "calling process and the child was in a different session, or to change the "
7943 "process group ID of a session leader (B<setpgid>(), B<setpgrp>())."
7947 #: build/C/man2/setpgid.2:250
7949 "For B<getpgid>(): I<pid> does not match any process. For B<setpgid>(): "
7950 "I<pid> is not the calling process and not a child of the calling process."
7954 #: build/C/man2/setpgid.2:256
7956 "B<setpgid>() and the version of B<getpgrp>() with no arguments conform to "
7961 #: build/C/man2/setpgid.2:265
7963 "POSIX.1-2001 also specifies B<getpgid>() and the version of B<setpgrp>() "
7964 "that takes no arguments. (POSIX.1-2008 marks this B<setpgrp>() "
7965 "specification as obsolete.)"
7969 #: build/C/man2/setpgid.2:272
7971 "The version of B<getpgrp>() with one argument and the version of "
7972 "B<setpgrp>() that takes two arguments derive from 4.2BSD, and are not "
7973 "specified by POSIX.1."
7977 #: build/C/man2/setpgid.2:278
7979 "A child created via B<fork>(2) inherits its parent's process group ID. The "
7980 "PGID is preserved across an B<execve>(2)."
7984 #: build/C/man2/setpgid.2:281
7986 "Each process group is a member of a session and each process is a member of "
7987 "the session of which its process group is a member."
7991 #: build/C/man2/setpgid.2:308
7993 "A session can have a controlling terminal. At any time, one (and only one) "
7994 "of the process groups in the session can be the foreground process group for "
7995 "the terminal; the remaining process groups are in the background. If a "
7996 "signal is generated from the terminal (e.g., typing the interrupt key to "
7997 "generate B<SIGINT>), that signal is sent to the foreground process group. "
7998 "(See B<termios>(3) for a description of the characters that generate "
7999 "signals.) Only the foreground process group may B<read>(2) from the "
8000 "terminal; if a background process group tries to B<read>(2) from the "
8001 "terminal, then the group is sent a B<SIGTTIN> signal, which suspends it. "
8002 "The B<tcgetpgrp>(3) and B<tcsetpgrp>(3) functions are used to get/set the "
8003 "foreground process group of the controlling terminal."
8007 #: build/C/man2/setpgid.2:316
8009 "The B<setpgid>() and B<getpgrp>() calls are used by programs such as "
8010 "B<bash>(1) to create process groups in order to implement shell job "
8015 #: build/C/man2/setpgid.2:326
8017 "If a session has a controlling terminal, and the B<CLOCAL> flag for that "
8018 "terminal is not set, and a terminal hangup occurs, then the session leader "
8019 "is sent a B<SIGHUP>. If the session leader exits, then a B<SIGHUP> signal "
8020 "will also be sent to each process in the foreground process group of the "
8021 "controlling terminal."
8024 #. exit.3 refers to the following text:
8026 #: build/C/man2/setpgid.2:340
8028 "If the exit of the process causes a process group to become orphaned, and if "
8029 "any member of the newly orphaned process group is stopped, then a B<SIGHUP> "
8030 "signal followed by a B<SIGCONT> signal will be sent to each process in the "
8031 "newly orphaned process group. An orphaned process group is one in which the "
8032 "parent of every member of process group is either itself also a member of "
8033 "the process group or is a member of a process group in a different session "
8034 "(see also B<credentials>(7))."
8038 #: build/C/man2/setpgid.2:347
8040 "B<getuid>(2), B<setsid>(2), B<tcgetpgrp>(3), B<tcsetpgrp>(3), B<termios>(3), "
8045 #: build/C/man2/setresuid.2:26
8051 #: build/C/man2/setresuid.2:29
8052 msgid "setresuid, setresgid - set real, effective and saved user or group ID"
8056 #: build/C/man2/setresuid.2:35
8057 msgid "B<int setresuid(uid_t >I<ruid>B<, uid_t >I<euid>B<, uid_t >I<suid>B<);>"
8061 #: build/C/man2/setresuid.2:37
8062 msgid "B<int setresgid(gid_t >I<rgid>B<, gid_t >I<egid>B<, gid_t >I<sgid>B<);>"
8066 #: build/C/man2/setresuid.2:41
8068 "B<setresuid>() sets the real user ID, the effective user ID, and the saved "
8069 "set-user-ID of the calling process."
8073 #: build/C/man2/setresuid.2:47
8075 "Unprivileged user processes may change the real UID, effective UID, and "
8076 "saved set-user-ID, each to one of: the current real UID, the current "
8077 "effective UID or the current saved set-user-ID."
8081 #: build/C/man2/setresuid.2:51
8083 "Privileged processes (on Linux, those having the B<CAP_SETUID> capability) "
8084 "may set the real UID, effective UID, and saved set-user-ID to arbitrary "
8089 #: build/C/man2/setresuid.2:53
8090 msgid "If one of the arguments equals -1, the corresponding value is not changed."
8094 #: build/C/man2/setresuid.2:57
8096 "Regardless of what changes are made to the real UID, effective UID, and "
8097 "saved set-user-ID, the filesystem UID is always set to the same value as the "
8098 "(possibly new) effective UID."
8102 #: build/C/man2/setresuid.2:64
8104 "Completely analogously, B<setresgid>() sets the real GID, effective GID, "
8105 "and saved set-group-ID of the calling process (and always modifies the "
8106 "filesystem GID to be the same as the effective GID), with the same "
8107 "restrictions for unprivileged processes."
8111 #: build/C/man2/setresuid.2:70 build/C/man2/setuid.2:76
8117 #: build/C/man2/setresuid.2:77
8119 "I<uid> does not match the current UID and this call would bring that user ID "
8120 "over its B<RLIMIT_NPROC> resource limit."
8124 #: build/C/man2/setresuid.2:81
8126 "The calling process is not privileged (did not have the B<CAP_SETUID> "
8127 "capability) and tried to change the IDs to values that are not permitted."
8131 #: build/C/man2/setresuid.2:83
8132 msgid "These calls are available under Linux since Linux 2.1.44."
8136 #: build/C/man2/setresuid.2:90
8138 "Under HP-UX and FreeBSD, the prototype is found in I<E<lt>unistd.hE<gt>>. "
8139 "Under Linux the prototype is provided by glibc since version 2.3.2."
8143 #: build/C/man2/setresuid.2:106
8145 "The original Linux B<setresuid>() and B<setresgid>() system calls "
8146 "supported only 16-bit user and group IDs. Subsequently, Linux 2.4 added "
8147 "B<setresuid32>() and B<setresgid32>(), supporting 32-bit IDs. The glibc "
8148 "B<setresuid>() and B<setresgid>() wrapper functions transparently deal "
8149 "with the variations across kernel versions."
8153 #: build/C/man2/setresuid.2:115
8155 "B<getresuid>(2), B<getuid>(2), B<setfsgid>(2), B<setfsuid>(2), "
8156 "B<setreuid>(2), B<setuid>(2), B<capabilities>(7), B<credentials>(7)"
8160 #: build/C/man2/setreuid.2:45
8166 #: build/C/man2/setreuid.2:45
8172 #: build/C/man2/setreuid.2:48
8173 msgid "setreuid, setregid - set real and/or effective user or group ID"
8177 #: build/C/man2/setreuid.2:54
8178 msgid "B<int setreuid(uid_t >I<ruid>B<, uid_t >I<euid>B<);>"
8182 #: build/C/man2/setreuid.2:56
8183 msgid "B<int setregid(gid_t >I<rgid>B<, gid_t >I<egid>B<);>"
8187 #: build/C/man2/setreuid.2:64
8188 msgid "B<setreuid>(), B<setregid>():"
8192 #: build/C/man2/setreuid.2:68
8194 "_BSD_SOURCE || _XOPEN_SOURCE\\ E<gt>=\\ 500 || _XOPEN_SOURCE\\ &&\\ "
8195 "_XOPEN_SOURCE_EXTENDED"
8199 #: build/C/man2/setreuid.2:73
8200 msgid "B<setreuid>() sets real and effective user IDs of the calling process."
8204 #: build/C/man2/setreuid.2:76
8206 "Supplying a value of -1 for either the real or effective user ID forces the "
8207 "system to leave that ID unchanged."
8211 #: build/C/man2/setreuid.2:79
8213 "Unprivileged processes may only set the effective user ID to the real user "
8214 "ID, the effective user ID, or the saved set-user-ID."
8218 #: build/C/man2/setreuid.2:82
8220 "Unprivileged users may only set the real user ID to the real user ID or the "
8221 "effective user ID."
8225 #: build/C/man2/setreuid.2:88
8227 "If the real user ID is set (i.e., I<ruid> is not -1) or the effective user "
8228 "ID is set to a value not equal to the previous real user ID, the saved "
8229 "set-user-ID will be set to the new effective user ID."
8233 #: build/C/man2/setreuid.2:93
8235 "Completely analogously, B<setregid>() sets real and effective group ID's of "
8236 "the calling process, and all of the above holds with \"group\" instead of "
8241 #: build/C/man2/setreuid.2:115
8243 "The calling process is not privileged (Linux: does not have the "
8244 "B<CAP_SETUID> capability in the case of B<setreuid>(), or the B<CAP_SETGID> "
8245 "capability in the case of B<setregid>()) and a change other than (i) "
8246 "swapping the effective user (group) ID with the real user (group) ID, or "
8247 "(ii) setting one to the value of the other or (iii) setting the effective "
8248 "user (group) ID to the value of the saved set-user-ID (saved set-group-ID) "
8253 #: build/C/man2/setreuid.2:121
8255 "POSIX.1-2001, 4.3BSD (the B<setreuid>() and B<setregid>() function calls "
8256 "first appeared in 4.2BSD)."
8260 #: build/C/man2/setreuid.2:125
8262 "Setting the effective user (group) ID to the saved set-user-ID (saved "
8263 "set-group-ID) is possible since Linux 1.1.37 (1.1.38)."
8267 #: build/C/man2/setreuid.2:142
8269 "POSIX.1 does not specify all of possible ID changes that are permitted on "
8270 "Linux for an unprivileged process. For B<setreuid>(), the effective user ID "
8271 "can be made the same as the real user ID or the save set-user-ID, and it is "
8272 "unspecified whether unprivileged processes may set the real user ID to the "
8273 "real user ID, the effective user ID, or the saved set-user-ID. For "
8274 "B<setregid>(), the real group ID can be changed to the value of the saved "
8275 "set-group-ID, and the effective group ID can be changed to the value of the "
8276 "real group ID or the saved set-group-ID. The precise details of what ID "
8277 "changes are permitted vary across implementations."
8281 #: build/C/man2/setreuid.2:145
8283 "POSIX.1 makes no specification about the effect of these calls on the saved "
8284 "set-user-ID and saved set-group-ID."
8288 #: build/C/man2/setreuid.2:161
8290 "The original Linux B<setreuid>() and B<setregid>() system calls supported "
8291 "only 16-bit user and group IDs. Subsequently, Linux 2.4 added "
8292 "B<setreuid32>() and B<setregid32>(), supporting 32-bit IDs. The glibc "
8293 "B<setreuid>() and B<setregid>() wrapper functions transparently deal with "
8294 "the variations across kernel versions."
8298 #: build/C/man2/setreuid.2:169
8300 "B<getgid>(2), B<getuid>(2), B<seteuid>(2), B<setgid>(2), B<setresuid>(2), "
8301 "B<setuid>(2), B<capabilities>(7)"
8305 #: build/C/man2/setsid.2:30
8311 #: build/C/man2/setsid.2:30
8317 #: build/C/man2/setsid.2:33
8318 msgid "setsid - creates a session and sets the process group ID"
8322 #: build/C/man2/setsid.2:38
8323 msgid "B<pid_t setsid(void);>"
8327 #: build/C/man2/setsid.2:51
8329 "B<setsid>() creates a new session if the calling process is not a process "
8330 "group leader. The calling process is the leader of the new session, the "
8331 "process group leader of the new process group, and has no controlling "
8332 "terminal. The process group ID and session ID of the calling process are "
8333 "set to the PID of the calling process. The calling process will be the only "
8334 "process in this new process group and in this new session."
8338 #: build/C/man2/setsid.2:58
8340 "On success, the (new) session ID of the calling process is returned. On "
8341 "error, I<(pid_t)\\ -1> is returned, and I<errno> is set to indicate the "
8346 #: build/C/man2/setsid.2:65
8348 "The process group ID of any process equals the PID of the calling process. "
8349 "Thus, in particular, B<setsid>() fails if the calling process is already a "
8350 "process group leader."
8354 #: build/C/man2/setsid.2:73
8356 "A child created via B<fork>(2) inherits its parent's session ID. The "
8357 "session ID is preserved across an B<execve>(2)."
8361 #: build/C/man2/setsid.2:84
8363 "A process group leader is a process with process group ID equal to its PID. "
8364 "In order to be sure that B<setsid>() will succeed, B<fork>(2) and "
8365 "B<_exit>(2), and have the child do B<setsid>()."
8369 #: build/C/man2/setsid.2:91
8371 "B<setsid>(1), B<getsid>(2), B<setpgid>(2), B<setpgrp>(2), B<tcgetsid>(3), "
8376 #: build/C/man2/setuid.2:30
8382 #: build/C/man2/setuid.2:33
8383 msgid "setuid - set user identity"
8387 #: build/C/man2/setuid.2:39
8388 msgid "B<int setuid(uid_t >I<uid>B<);>"
8392 #: build/C/man2/setuid.2:44
8394 "B<setuid>() sets the effective user ID of the calling process. If the "
8395 "effective UID of the caller is root, the real UID and saved set-user-ID are "
8400 #: build/C/man2/setuid.2:53
8402 "Under Linux, B<setuid>() is implemented like the POSIX version with the "
8403 "B<_POSIX_SAVED_IDS> feature. This allows a set-user-ID (other than root) "
8404 "program to drop all of its user privileges, do some un-privileged work, and "
8405 "then reengage the original effective user ID in a secure manner."
8409 #: build/C/man2/setuid.2:63
8411 "If the user is root or the program is set-user-ID-root, special care must be "
8412 "taken. The B<setuid>() function checks the effective user ID of the caller "
8413 "and if it is the superuser, all process-related user ID's are set to "
8414 "I<uid>. After this has occurred, it is impossible for the program to regain "
8419 #: build/C/man2/setuid.2:70
8421 "Thus, a set-user-ID-root program wishing to temporarily drop root "
8422 "privileges, assume the identity of an unprivileged user, and then regain "
8423 "root privileges afterward cannot use B<setuid>(). You can accomplish this "
8424 "with B<seteuid>(2)."
8428 #: build/C/man2/setuid.2:85
8430 "The I<uid> does not match the current uid and I<uid> brings process over its "
8431 "B<RLIMIT_NPROC> resource limit."
8435 #: build/C/man2/setuid.2:92
8437 "The user is not privileged (Linux: does not have the B<CAP_SETUID> "
8438 "capability) and I<uid> does not match the real UID or saved set-user-ID of "
8439 "the calling process."
8442 #. SVr4 documents an additional EINVAL error condition.
8444 #: build/C/man2/setuid.2:97
8446 "SVr4, POSIX.1-2001. Not quite compatible with the 4.4BSD call, which sets "
8447 "all of the real, saved, and effective user IDs."
8451 #: build/C/man2/setuid.2:105
8453 "Linux has the concept of the filesystem user ID, normally equal to the "
8454 "effective user ID. The B<setuid>() call also sets the filesystem user ID "
8455 "of the calling process. See B<setfsuid>(2)."
8459 #: build/C/man2/setuid.2:110
8461 "If I<uid> is different from the old effective UID, the process will be "
8462 "forbidden from leaving core dumps."
8466 #: build/C/man2/setuid.2:120
8468 "The original Linux B<setuid>() system call supported only 16-bit user IDs. "
8469 "Subsequently, Linux 2.4 added B<setuid32>() supporting 32-bit IDs. The "
8470 "glibc B<setuid>() wrapper function transparently deals with the variation "
8471 "across kernel versions."
8475 #: build/C/man2/setuid.2:127
8477 "B<getuid>(2), B<seteuid>(2), B<setfsuid>(2), B<setreuid>(2), "
8478 "B<capabilities>(7), B<credentials>(7)"
8482 #: build/C/man7/svipc.7:40
8488 #: build/C/man7/svipc.7:43
8489 msgid "svipc - System V interprocess communication mechanisms"
8493 #: build/C/man7/svipc.7:48
8496 "B<#include E<lt>sys/msg.hE<gt>>\n"
8497 "B<#include E<lt>sys/sem.hE<gt>>\n"
8498 "B<#include E<lt>sys/shm.hE<gt>>\n"
8502 #: build/C/man7/svipc.7:56
8504 "This manual page refers to the Linux implementation of the System V "
8505 "interprocess communication (IPC) mechanisms: message queues, semaphore sets, "
8506 "and shared memory segments. In the following, the word I<resource> means an "
8507 "instantiation of one among such mechanisms."
8511 #: build/C/man7/svipc.7:56
8513 msgid "Resource access permissions"
8517 #: build/C/man7/svipc.7:64
8519 "For each resource, the system uses a common structure of type I<struct "
8520 "ipc_perm> to store information needed in determining permissions to perform "
8521 "an IPC operation. The I<ipc_perm> structure includes the following members:"
8525 #: build/C/man7/svipc.7:74
8528 "struct ipc_perm {\n"
8529 " uid_t cuid; /* creator user ID */\n"
8530 " gid_t cgid; /* creator group ID */\n"
8531 " uid_t uid; /* owner user ID */\n"
8532 " gid_t gid; /* owner group ID */\n"
8533 " unsigned short mode; /* r/w permissions */\n"
8538 #: build/C/man7/svipc.7:84
8540 "The I<mode> member of the I<ipc_perm> structure defines, with its lower 9 "
8541 "bits, the access permissions to the resource for a process executing an IPC "
8542 "system call. The permissions are interpreted as follows:"
8546 #: build/C/man7/svipc.7:88
8549 " 0400 Read by user.\n"
8550 " 0200 Write by user.\n"
8554 #: build/C/man7/svipc.7:91
8557 " 0040 Read by group.\n"
8558 " 0020 Write by group.\n"
8562 #: build/C/man7/svipc.7:94
8565 " 0004 Read by others.\n"
8566 " 0002 Write by others.\n"
8570 #: build/C/man7/svipc.7:102
8572 "Bits 0100, 0010, and 0001 (the execute bits) are unused by the system. "
8573 "Furthermore, \"write\" effectively means \"alter\" for a semaphore set."
8577 #: build/C/man7/svipc.7:105
8578 msgid "The same system header file also defines the following symbolic constants:"
8582 #: build/C/man7/svipc.7:105
8584 msgid "B<IPC_CREAT>"
8588 #: build/C/man7/svipc.7:108
8589 msgid "Create entry if key doesn't exist."
8593 #: build/C/man7/svipc.7:108
8599 #: build/C/man7/svipc.7:111
8600 msgid "Fail if key exists."
8604 #: build/C/man7/svipc.7:111
8606 msgid "B<IPC_NOWAIT>"
8610 #: build/C/man7/svipc.7:114
8611 msgid "Error if request must wait."
8615 #: build/C/man7/svipc.7:114
8617 msgid "B<IPC_PRIVATE>"
8621 #: build/C/man7/svipc.7:117
8622 msgid "Private key."
8626 #: build/C/man7/svipc.7:117
8632 #: build/C/man7/svipc.7:120
8633 msgid "Remove resource."
8637 #: build/C/man7/svipc.7:120
8643 #: build/C/man7/svipc.7:123
8644 msgid "Set resource options."
8648 #: build/C/man7/svipc.7:123
8654 #: build/C/man7/svipc.7:126
8655 msgid "Get resource options."
8659 #: build/C/man7/svipc.7:135
8661 "Note that B<IPC_PRIVATE> is a I<key_t> type, while all the other symbolic "
8662 "constants are flag fields and can be OR'ed into an I<int> type variable."
8666 #: build/C/man7/svipc.7:135
8668 msgid "Message queues"
8672 #: build/C/man7/svipc.7:143
8674 "A message queue is uniquely identified by a positive integer (its I<msqid>) "
8675 "and has an associated data structure of type I<struct msqid_ds>, defined in "
8676 "I<E<lt>sys/msg.hE<gt>>, containing the following members:"
8680 #: build/C/man7/svipc.7:156
8683 "struct msqid_ds {\n"
8684 " struct ipc_perm msg_perm;\n"
8685 " msgqnum_t msg_qnum; /* no of messages on queue */\n"
8686 " msglen_t msg_qbytes; /* bytes max on a queue */\n"
8687 " pid_t msg_lspid; /* PID of last msgsnd(2) call */\n"
8688 " pid_t msg_lrpid; /* PID of last msgrcv(2) call */\n"
8689 " time_t msg_stime; /* last msgsnd(2) time */\n"
8690 " time_t msg_rtime; /* last msgrcv(2) time */\n"
8691 " time_t msg_ctime; /* last change time */\n"
8696 #: build/C/man7/svipc.7:158
8702 #: build/C/man7/svipc.7:163
8704 "I<ipc_perm> structure that specifies the access permissions on the message "
8709 #: build/C/man7/svipc.7:163
8715 #: build/C/man7/svipc.7:166
8716 msgid "Number of messages currently on the message queue."
8720 #: build/C/man7/svipc.7:166
8722 msgid "I<msg_qbytes>"
8726 #: build/C/man7/svipc.7:170
8727 msgid "Maximum number of bytes of message text allowed on the message queue."
8731 #: build/C/man7/svipc.7:170
8733 msgid "I<msg_lspid>"
8737 #: build/C/man7/svipc.7:175
8738 msgid "ID of the process that performed the last B<msgsnd>(2) system call."
8742 #: build/C/man7/svipc.7:175
8744 msgid "I<msg_lrpid>"
8748 #: build/C/man7/svipc.7:180
8749 msgid "ID of the process that performed the last B<msgrcv>(2) system call."
8753 #: build/C/man7/svipc.7:180
8755 msgid "I<msg_stime>"
8759 #: build/C/man7/svipc.7:185
8760 msgid "Time of the last B<msgsnd>(2) system call."
8764 #: build/C/man7/svipc.7:185
8766 msgid "I<msg_rtime>"
8770 #: build/C/man7/svipc.7:190
8771 msgid "Time of the last B<msgrcv>(2) system call."
8775 #: build/C/man7/svipc.7:190
8777 msgid "I<msg_ctime>"
8781 #: build/C/man7/svipc.7:196
8783 "Time of the last system call that changed a member of the I<msqid_ds> "
8788 #: build/C/man7/svipc.7:196
8790 msgid "Semaphore sets"
8794 #: build/C/man7/svipc.7:204
8796 "A semaphore set is uniquely identified by a positive integer (its I<semid>) "
8797 "and has an associated data structure of type I<struct semid_ds>, defined in "
8798 "I<E<lt>sys/sem.hE<gt>>, containing the following members:"
8802 #: build/C/man7/svipc.7:213
8805 "struct semid_ds {\n"
8806 " struct ipc_perm sem_perm;\n"
8807 " time_t sem_otime; /* last operation time */\n"
8808 " time_t sem_ctime; /* last change time */\n"
8809 " unsigned long sem_nsems; /* count of sems in set */\n"
8814 #: build/C/man7/svipc.7:215
8820 #: build/C/man7/svipc.7:220
8822 "I<ipc_perm> structure that specifies the access permissions on the semaphore "
8827 #: build/C/man7/svipc.7:220
8829 msgid "I<sem_otime>"
8833 #: build/C/man7/svipc.7:225
8834 msgid "Time of last B<semop>(2) system call."
8838 #: build/C/man7/svipc.7:225
8840 msgid "I<sem_ctime>"
8844 #: build/C/man7/svipc.7:231
8846 "Time of last B<semctl>(2) system call that changed a member of the above "
8847 "structure or of one semaphore belonging to the set."
8851 #: build/C/man7/svipc.7:231
8853 msgid "I<sem_nsems>"
8857 #: build/C/man7/svipc.7:239
8859 "Number of semaphores in the set. Each semaphore of the set is referenced by "
8860 "a nonnegative integer ranging from B<0> to I<sem_nsems-1>."
8864 #: build/C/man7/svipc.7:243
8866 "A semaphore is a data structure of type I<struct sem> containing the "
8867 "following members:"
8870 #. unsigned short semncnt; /* nr awaiting semval to increase */
8871 #. unsigned short semzcnt; /* nr awaiting semval = 0 */
8873 #: build/C/man7/svipc.7:252
8877 " int semval; /* semaphore value */\n"
8878 " int sempid; /* PID for last operation */\n"
8883 #: build/C/man7/svipc.7:254
8889 #: build/C/man7/svipc.7:257
8890 msgid "Semaphore value: a nonnegative integer."
8894 #: build/C/man7/svipc.7:257
8901 #. Number of processes suspended awaiting for
8906 #. Number of processes suspended awaiting for
8910 #: build/C/man7/svipc.7:271
8912 "ID of the last process that performed a semaphore operation on this "
8917 #: build/C/man7/svipc.7:271
8919 msgid "Shared memory segments"
8923 #: build/C/man7/svipc.7:279
8925 "A shared memory segment is uniquely identified by a positive integer (its "
8926 "I<shmid>) and has an associated data structure of type I<struct shmid_ds>, "
8927 "defined in I<E<lt>sys/shm.hE<gt>>, containing the following members:"
8931 #: build/C/man7/svipc.7:292
8934 "struct shmid_ds {\n"
8935 " struct ipc_perm shm_perm;\n"
8936 " size_t shm_segsz; /* size of segment */\n"
8937 " pid_t shm_cpid; /* PID of creator */\n"
8938 " pid_t shm_lpid; /* PID, last operation */\n"
8939 " shmatt_t shm_nattch; /* no. of current attaches */\n"
8940 " time_t shm_atime; /* time of last attach */\n"
8941 " time_t shm_dtime; /* time of last detach */\n"
8942 " time_t shm_ctime; /* time of last change */\n"
8947 #: build/C/man7/svipc.7:294
8953 #: build/C/man7/svipc.7:299
8955 "I<ipc_perm> structure that specifies the access permissions on the shared "
8960 #: build/C/man7/svipc.7:299
8962 msgid "I<shm_segsz>"
8966 #: build/C/man7/svipc.7:302
8967 msgid "Size in bytes of the shared memory segment."
8971 #: build/C/man7/svipc.7:302
8977 #: build/C/man7/svipc.7:305
8978 msgid "ID of the process that created the shared memory segment."
8982 #: build/C/man7/svipc.7:305
8988 #: build/C/man7/svipc.7:312
8990 "ID of the last process that executed a B<shmat>(2) or B<shmdt>(2) system "
8995 #: build/C/man7/svipc.7:312
8997 msgid "I<shm_nattch>"
9001 #: build/C/man7/svipc.7:315
9002 msgid "Number of current alive attaches for this shared memory segment."
9006 #: build/C/man7/svipc.7:315
9008 msgid "I<shm_atime>"
9012 #: build/C/man7/svipc.7:320
9013 msgid "Time of the last B<shmat>(2) system call."
9017 #: build/C/man7/svipc.7:320
9019 msgid "I<shm_dtime>"
9023 #: build/C/man7/svipc.7:325
9024 msgid "Time of the last B<shmdt>(2) system call."
9028 #: build/C/man7/svipc.7:325
9030 msgid "I<shm_ctime>"
9034 #: build/C/man7/svipc.7:331
9035 msgid "Time of the last B<shmctl>(2) system call that changed I<shmid_ds>."
9039 #: build/C/man7/svipc.7:348
9041 "B<ipcmk>(1), B<ipcrm>(1), B<ipcs>(1), B<ipc>(2), B<msgctl>(2), B<msgget>(2), "
9042 "B<msgrcv>(2), B<msgsnd>(2), B<semctl>(2), B<semget>(2), B<semop>(2), "
9043 "B<shmat>(2), B<shmctl>(2), B<shmdt>(2), B<shmget>(2), B<ftok>(3)"
9047 #: build/C/man3/ulimit.3:27
9053 #: build/C/man3/ulimit.3:27
9059 #: build/C/man3/ulimit.3:30
9060 msgid "ulimit - get and set user limits"
9064 #: build/C/man3/ulimit.3:32
9065 msgid "B<#include E<lt>ulimit.hE<gt>>"
9069 #: build/C/man3/ulimit.3:34
9070 msgid "B<long ulimit(int >I<cmd>B<, long >I<newlimit>B<);>"
9074 #: build/C/man3/ulimit.3:46
9076 "Warning: This routine is obsolete. Use B<getrlimit>(2), B<setrlimit>(2), "
9077 "and B<sysconf>(3) instead. For the shell command B<ulimit>(), see "
9082 #: build/C/man3/ulimit.3:53
9084 "The B<ulimit>() call will get or set some limit for the calling process. "
9085 "The I<cmd> argument can have one of the following values."
9089 #: build/C/man3/ulimit.3:53
9091 msgid "B<UL_GETFSIZE>"
9095 #: build/C/man3/ulimit.3:56
9096 msgid "Return the limit on the size of a file, in units of 512 bytes."
9100 #: build/C/man3/ulimit.3:56
9102 msgid "B<UL_SETFSIZE>"
9106 #: build/C/man3/ulimit.3:59
9107 msgid "Set the limit on the size of a file."
9111 #: build/C/man3/ulimit.3:59
9117 #: build/C/man3/ulimit.3:63
9119 "(Not implemented for Linux.) Return the maximum possible address of the "
9124 #: build/C/man3/ulimit.3:63
9130 #: build/C/man3/ulimit.3:67
9132 "(Implemented but no symbolic constant provided.) Return the maximum number "
9133 "of files that the calling process can open."
9137 #: build/C/man3/ulimit.3:74
9139 "On success, B<ulimit>() returns a nonnegative value. On error, -1 is "
9140 "returned, and I<errno> is set appropriately."
9144 #: build/C/man3/ulimit.3:78
9145 msgid "A unprivileged process tried to increase a limit."
9149 #: build/C/man3/ulimit.3:83
9150 msgid "SVr4, POSIX.1-2001. POSIX.1-2008 marks B<ulimit>() as obsolete."
9154 #: build/C/man3/ulimit.3:88
9155 msgid "B<bash>(1), B<getrlimit>(2), B<setrlimit>(2), B<sysconf>(3)"