[thirdparty/man-pages.git] / man / man5 / proc.5

.\" Copyright (C) 1994, 1995, Daniel Quinlan <quinlan@yggdrasil.com>
.\" Copyright (C) 2002-2008, 2017, Michael Kerrisk <mtk.manpages@gmail.com>
.\" Copyright (C) 2023, Alejandro Colomar <alx@kernel.org>
.\"
.\" SPDX-License-Identifier: GPL-3.0-or-later
.\"
.TH proc 5 (date) "Linux man-pages (unreleased)"
.SH NAME
proc \- process information, system information, and sysctl pseudo-filesystem
.SH DESCRIPTION
The
.B proc
filesystem is a pseudo-filesystem which provides an interface to
kernel data structures.
It is commonly mounted at
.IR /proc .
Typically, it is mounted automatically by the system,
but it can also be mounted manually using a command such as:
.P
.in +4n
.EX
mount \-t proc proc /proc
.EE
.in
.P
Most of the files in the
.B proc
filesystem are read-only,
but some files are writable, allowing kernel variables to be changed.
.\"
.SS Mount options
The
.B proc
filesystem supports the following mount options:
.TP
.BR hidepid "=\fIn\fP (since Linux 3.3)"
.\" commit 0499680a42141d86417a8fbaa8c8db806bea1201
This option controls who can access the information in
.IR /proc/ pid
directories.
The argument,
.IR n ,
is one of the following values:
.RS
.TP 4
0
Everybody may access all
.IR /proc/ pid
directories.
This is the traditional behavior,
and the default if this mount option is not specified.
.TP
1
Users may not access files and subdirectories inside any
.IR /proc/ pid
directories but their own (the
.IR /proc/ pid
directories themselves remain visible).
Sensitive files such as
.IR /proc/ pid /cmdline
and
.IR /proc/ pid /status
are now protected against other users.
This makes it impossible to learn whether any user is running a
specific program
(so long as the program doesn't otherwise reveal itself by its behavior).
.\" As an additional bonus, since
.\" .IR /proc/[pid]/cmdline
.\" is inaccessible for other users,
.\" poorly written programs passing sensitive information via
.\" program arguments are now protected against local eavesdroppers.
.TP
2
As for mode 1, but in addition the
.IR /proc/ pid
directories belonging to other users become invisible.
This means that
.IR /proc/ pid
entries can no longer be used to discover the PIDs on the system.
This doesn't hide the fact that a process with a specific PID value exists
(it can be learned by other means, for example, by "kill \-0 $PID"),
but it hides a process's UID and GID,
which could otherwise be learned by employing
.BR stat (2)
on a
.IR /proc/ pid
directory.
This greatly complicates an attacker's task of gathering
information about running processes (e.g., discovering whether
some daemon is running with elevated privileges,
whether another user is running some sensitive program,
whether other users are running any program at all, and so on).
.TP
.BR gid "=\fIgid\fP (since Linux 3.3)"
.\" commit 0499680a42141d86417a8fbaa8c8db806bea1201
Specifies the ID of a group whose members are authorized to
learn process information otherwise prohibited by
.B hidepid
(i.e., users in this group behave as though
.I /proc
was mounted with
.IR hidepid=0 ).
This group should be used instead of approaches such as putting
nonroot users into the
.BR sudoers (5)
file.
.RE
.TP
.BR subset = pid " (since Linux 5.8)"
.\" commit 6814ef2d992af09451bbeda4770daa204461329e
Show only the specified subset of procfs,
hiding all top level files and directories in the procfs
that are not related to tasks.
.SS Overview
Underneath
.IR /proc ,
there are the following general groups of files and subdirectories:
.TP
.IR /proc/ "pid subdirectories"
Each one of these subdirectories contains files and subdirectories
exposing information about the process with the corresponding process ID.
.IP
Underneath each of the
.IR /proc/ pid
directories, a
.I task
subdirectory contains subdirectories of the form
.IR task/ tid,
which contain corresponding information about each of the threads
in the process, where
.I tid
is the kernel thread ID of the thread.
.IP
The
.IR /proc/ pid
subdirectories are visible when iterating through
.I /proc
with
.BR getdents (2)
(and thus are visible when one uses
.BR ls (1)
to view the contents of
.IR /proc ).
.TP
.IR /proc/ "tid subdirectories"
Each one of these subdirectories contains files and subdirectories
exposing information about the thread with the corresponding thread ID.
The contents of these directories are the same as the corresponding
.IR /proc/ pid /task/ tid
directories.
.IP
The
.IR /proc/ tid
subdirectories are
.I not
visible when iterating through
.I /proc
with
.BR getdents (2)
(and thus are
.I not
visible when one uses
.BR ls (1)
to view the contents of
.IR /proc ).
.TP
.I /proc/self
When a process accesses this magic symbolic link,
it resolves to the process's own
.IR /proc/ pid
directory.
.TP
.I /proc/thread\-self
When a thread accesses this magic symbolic link,
it resolves to the process's own
.IR /proc/self/task/ tid
directory.
.TP
.I /proc/[a\-z]*
Various other files and subdirectories under
.I /proc
expose system-wide information.
.P
All of the above are described in more detail in separate manpages
whose names start with
.BR proc_ .
.\"
.\" .SH FILES
.\" FIXME Describe /proc/[pid]/sessionid
.\"	  commit 1e0bd7550ea9cf474b1ad4c6ff5729a507f75fdc
.\"       CONFIG_AUDITSYSCALL
.\"       Added in Linux 2.6.25; read-only; only readable by real UID
.\"
.\" FIXME Describe /proc/[pid]/sched
.\"       Added in Linux 2.6.23
.\"       CONFIG_SCHED_DEBUG, and additional fields if CONFIG_SCHEDSTATS
.\"       Displays various scheduling parameters
.\"       This file can be written, to reset stats
.\"       The set of fields exposed by this file have changed
.\"	  significantly over time.
.\"       commit 43ae34cb4cd650d1eb4460a8253a8e747ba052ac
.\"
.\" FIXME Describe /proc/[pid]/schedstats and
.\"       /proc/[pid]/task/[tid]/schedstats
.\"       Added in Linux 2.6.9
.\"       CONFIG_SCHEDSTATS
.\" FIXME Document /proc/sched_debug (since Linux 2.6.23)
.\" See also /proc/[pid]/sched
.\" FIXME 2.6.13 seems to have /proc/vmcore implemented; document this
.\" 	See Documentation/kdump/kdump.txt
.\"	commit 666bfddbe8b8fd4fd44617d6c55193d5ac7edb29
.\" 	Needs CONFIG_VMCORE
.\"
.SH NOTES
Many files contain strings (e.g., the environment and command line)
that are in the internal format,
with subfields terminated by null bytes (\[aq]\e0\[aq]).
When inspecting such files, you may find that the results are more readable
if you use a command of the following form to display them:
.P
.in +4n
.EX
.RB "$" " cat \fIfile\fP | tr \[aq]\e000\[aq] \[aq]\en\[aq]"
.EE
.in
.\" .SH ACKNOWLEDGEMENTS
.\" The material on /proc/sys/fs and /proc/sys/kernel is closely based on
.\" kernel source documentation files written by Rik van Riel.
.SH SEE ALSO
.BR cat (1),
.BR dmesg (1),
.BR find (1),
.BR free (1),
.BR htop (1),
.BR init (1),
.BR ps (1),
.BR pstree (1),
.BR tr (1),
.BR uptime (1),
.BR chroot (2),
.BR mmap (2),
.BR readlink (2),
.BR syslog (2),
.BR slabinfo (5),
.BR sysfs (5),
.BR hier (7),
.BR namespaces (7),
.BR time (7),
.BR arp (8),
.BR hdparm (8),
.BR ifconfig (8),
.BR lsmod (8),
.BR lspci (8),
.BR mount (8),
.BR netstat (8),
.BR procinfo (8),
.BR route (8),
.BR sysctl (8)
.P
The Linux kernel source files:
.IR Documentation/filesystems/proc.rst ,
.IR Documentation/admin\-guide/sysctl/fs.rst ,
.IR Documentation/admin\-guide/sysctl/kernel.rst ,
.IR Documentation/admin\-guide/sysctl/net.rst ,
and
.IR Documentation/admin\-guide/sysctl/vm.rst .
Commit	Line	Data
9e3fdcb6 AC	1	.\" Copyright (C) 1994, 1995, Daniel Quinlan <quinlan@yggdrasil.com>
9e3fdcb6 AC	2	.\" Copyright (C) 2002-2008, 2017, Michael Kerrisk <mtk.manpages@gmail.com>
92cdcec7	3	.\" Copyright (C) 2023, Alejandro Colomar <alx@kernel.org>
fea681da	4	.\"
92cdcec7	5	.\" SPDX-License-Identifier: GPL-3.0-or-later
363f747c	6	.\"
a5ebdc8d	7	.TH proc 5 (date) "Linux man-pages (unreleased)"
fea681da	8	.SH NAME
2e1c1a57	9	proc \- process information, system information, and sysctl pseudo-filesystem
fea681da MK	10	.SH DESCRIPTION
fea681da MK	11	The
31fa1fd2	12	.B proc
ac8727b6	13	filesystem is a pseudo-filesystem which provides an interface to
c13182ef MK	14	kernel data structures.
c13182ef MK	15	It is commonly mounted at
fea681da	16	.IR /proc .
b574c52d MK	17	Typically, it is mounted automatically by the system,
b574c52d MK	18	but it can also be mounted manually using a command such as:
c6d039a3	19	.P
b574c52d MK	20	.in +4n
	21	.EX
	22	mount \-t proc proc /proc
	23	.EE
	24	.in
c6d039a3	25	.P
7e174651	26	Most of the files in the
31fa1fd2	27	.B proc
7e174651	28	filesystem are read-only,
64165e01	29	but some files are writable, allowing kernel variables to be changed.
7e174651	30	.\"
fee59977 MK	31	.SS Mount options
fee59977 MK	32	The
31fa1fd2	33	.B proc
fee59977 MK	34	filesystem supports the following mount options:
	35	.TP
	36	.BR hidepid "=\fIn\fP (since Linux 3.3)"
	37	.\" commit 0499680a42141d86417a8fbaa8c8db806bea1201
	38	This option controls who can access the information in
1ae6b2c7	39	.IR /proc/ pid
fee59977 MK	40	directories.
	41	The argument,
	42	.IR n ,
	43	is one of the following values:
	44	.RS
	45	.TP 4
	46	0
	47	Everybody may access all
1ae6b2c7	48	.IR /proc/ pid
fee59977 MK	49	directories.
	50	This is the traditional behavior,
	51	and the default if this mount option is not specified.
	52	.TP
	53	1
	54	Users may not access files and subdirectories inside any
1ae6b2c7	55	.IR /proc/ pid
fee59977	56	directories but their own (the
1ae6b2c7	57	.IR /proc/ pid
fee59977 MK	58	directories themselves remain visible).
fee59977 MK	59	Sensitive files such as
1ae6b2c7	60	.IR /proc/ pid /cmdline
fee59977	61	and
1ae6b2c7	62	.IR /proc/ pid /status
fee59977 MK	63	are now protected against other users.
	64	This makes it impossible to learn whether any user is running a
	65	specific program
	66	(so long as the program doesn't otherwise reveal itself by its behavior).
	67	.\" As an additional bonus, since
97949440	68	.\" .IR /proc/[pid]/cmdline
9d4976ce	69	.\" is inaccessible for other users,
fee59977 MK	70	.\" poorly written programs passing sensitive information via
	71	.\" program arguments are now protected against local eavesdroppers.
	72	.TP
	73	2
	74	As for mode 1, but in addition the
1ae6b2c7	75	.IR /proc/ pid
fee59977 MK	76	directories belonging to other users become invisible.
fee59977 MK	77	This means that
1ae6b2c7	78	.IR /proc/ pid
fee59977 MK	79	entries can no longer be used to discover the PIDs on the system.
fee59977 MK	80	This doesn't hide the fact that a process with a specific PID value exists
9bc87ed0	81	(it can be learned by other means, for example, by "kill \-0 $PID"),
fee59977 MK	82	but it hides a process's UID and GID,
	83	which could otherwise be learned by employing
	84	.BR stat (2)
	85	on a
1ae6b2c7	86	.IR /proc/ pid
fee59977 MK	87	directory.
	88	This greatly complicates an attacker's task of gathering
	89	information about running processes (e.g., discovering whether
	90	some daemon is running with elevated privileges,
	91	whether another user is running some sensitive program,
	92	whether other users are running any program at all, and so on).
fee59977 MK	93	.TP
	94	.BR gid "=\fIgid\fP (since Linux 3.3)"
	95	.\" commit 0499680a42141d86417a8fbaa8c8db806bea1201
	96	Specifies the ID of a group whose members are authorized to
	97	learn process information otherwise prohibited by
1ae6b2c7	98	.B hidepid
95b1c1d1	99	(i.e., users in this group behave as though
fee59977 MK	100	.I /proc
fee59977 MK	101	was mounted with
95b1c1d1	102	.IR hidepid=0 ).
fee59977 MK	103	This group should be used instead of approaches such as putting
	104	nonroot users into the
	105	.BR sudoers (5)
	106	file.
dd465607 MC	107	.RE
	108	.TP
	109	.BR subset = pid " (since Linux 5.8)"
	110	.\" commit 6814ef2d992af09451bbeda4770daa204461329e
	111	Show only the specified subset of procfs,
	112	hiding all top level files and directories in the procfs
	113	that are not related to tasks.
3c7cfa32 MK	114	.SS Overview
	115	Underneath
	116	.IR /proc ,
	117	there are the following general groups of files and subdirectories:
	118	.TP
1ae6b2c7	119	.IR /proc/ "pid subdirectories"
3c7cfa32 MK	120	Each one of these subdirectories contains files and subdirectories
	121	exposing information about the process with the corresponding process ID.
	122	.IP
	123	Underneath each of the
1ae6b2c7	124	.IR /proc/ pid
3c7cfa32	125	directories, a
7fe3b32b	126	.I task
3c7cfa32	127	subdirectory contains subdirectories of the form
1ae6b2c7	128	.IR task/ tid,
3c7cfa32 MK	129	which contain corresponding information about each of the threads
	130	in the process, where
	131	.I tid
	132	is the kernel thread ID of the thread.
01df7b70 MK	133	.IP
01df7b70 MK	134	The
1ae6b2c7	135	.IR /proc/ pid
01df7b70 MK	136	subdirectories are visible when iterating through
	137	.I /proc
	138	with
	139	.BR getdents (2)
	140	(and thus are visible when one uses
	141	.BR ls (1)
	142	to view the contents of
	143	.IR /proc ).
	144	.TP
1ae6b2c7	145	.IR /proc/ "tid subdirectories"
01df7b70 MK	146	Each one of these subdirectories contains files and subdirectories
01df7b70 MK	147	exposing information about the thread with the corresponding thread ID.
37cd58d2	148	The contents of these directories are the same as the corresponding
1ae6b2c7	149	.IR /proc/ pid /task/ tid
37cd58d2	150	directories.
01df7b70 MK	151	.IP
01df7b70 MK	152	The
1ae6b2c7	153	.IR /proc/ tid
01df7b70 MK	154	subdirectories are
	155	.I not
	156	visible when iterating through
	157	.I /proc
	158	with
	159	.BR getdents (2)
	160	(and thus are
	161	.I not
	162	visible when one uses
	163	.BR ls (1)
3c7cfa32 MK	164	to view the contents of
	165	.IR /proc ).
	166	.TP
	167	.I /proc/self
	168	When a process accesses this magic symbolic link,
	169	it resolves to the process's own
1ae6b2c7	170	.IR /proc/ pid
3c7cfa32 MK	171	directory.
3c7cfa32 MK	172	.TP
184d797d	173	.I /proc/thread\-self
3c7cfa32 MK	174	When a thread accesses this magic symbolic link,
3c7cfa32 MK	175	it resolves to the process's own
1ae6b2c7	176	.IR /proc/self/task/ tid
3c7cfa32 MK	177	directory.
3c7cfa32 MK	178	.TP
184d797d	179	.I /proc/[a\-z]*
3c7cfa32 MK	180	Various other files and subdirectories under
	181	.I /proc
	182	expose system-wide information.
c6d039a3	183	.P
5125d867 SB	184	All of the above are described in more detail in separate manpages
	185	whose names start with
	186	.BR proc_ .
3c7cfa32	187	.\"
92cdcec7	188	.\" .SH FILES
69119dc7	189	.\" FIXME Describe /proc/[pid]/sessionid
b3fb99e8	190	.\" commit 1e0bd7550ea9cf474b1ad4c6ff5729a507f75fdc
b4e9ee8f	191	.\" CONFIG_AUDITSYSCALL
b324e17d	192	.\" Added in Linux 2.6.25; read-only; only readable by real UID
bea08fec	193	.\"
69119dc7	194	.\" FIXME Describe /proc/[pid]/sched
b324e17d	195	.\" Added in Linux 2.6.23
b4e9ee8f MK	196	.\" CONFIG_SCHED_DEBUG, and additional fields if CONFIG_SCHEDSTATS
	197	.\" Displays various scheduling parameters
	198	.\" This file can be written, to reset stats
ef4f4031	199	.\" The set of fields exposed by this file have changed
b3fb99e8 MK	200	.\" significantly over time.
	201	.\" commit 43ae34cb4cd650d1eb4460a8253a8e747ba052ac
	202	.\"
69119dc7 MK	203	.\" FIXME Describe /proc/[pid]/schedstats and
69119dc7 MK	204	.\" /proc/[pid]/task/[tid]/schedstats
b324e17d	205	.\" Added in Linux 2.6.9
b4e9ee8f	206	.\" CONFIG_SCHEDSTATS
43d42cc0	207	.\" FIXME Document /proc/sched_debug (since Linux 2.6.23)
69119dc7	208	.\" See also /proc/[pid]/sched
bea08fec	209	.\" FIXME 2.6.13 seems to have /proc/vmcore implemented; document this
64dbd023 MK	210	.\" See Documentation/kdump/kdump.txt
	211	.\" commit 666bfddbe8b8fd4fd44617d6c55193d5ac7edb29
	212	.\" Needs CONFIG_VMCORE
	213	.\"
e37e3282	214	.SH NOTES
f0d6cc5f MK	215	Many files contain strings (e.g., the environment and command line)
f0d6cc5f MK	216	that are in the internal format,
b957f81f	217	with subfields terminated by null bytes (\[aq]\e0\[aq]).
f0d6cc5f MK	218	When inspecting such files, you may find that the results are more readable
f0d6cc5f MK	219	if you use a command of the following form to display them:
c6d039a3	220	.P
295fe9e0 MK	221	.in +4n
295fe9e0 MK	222	.EX
b957f81f	223	.RB "$" " cat \fIfile\fP \| tr \[aq]\e000\[aq] \[aq]\en\[aq]"
295fe9e0 MK	224	.EE
295fe9e0 MK	225	.in
e37e3282 MK	226	.\" .SH ACKNOWLEDGEMENTS
	227	.\" The material on /proc/sys/fs and /proc/sys/kernel is closely based on
	228	.\" kernel source documentation files written by Rik van Riel.
47297adb	229	.SH SEE ALSO
fea681da	230	.BR cat (1),
c4517613	231	.BR dmesg (1),
fea681da MK	232	.BR find (1),
fea681da MK	233	.BR free (1),
397d130a	234	.BR htop (1),
5bb0a75e	235	.BR init (1),
fea681da	236	.BR ps (1),
397d130a	237	.BR pstree (1),
fea681da MK	238	.BR tr (1),
	239	.BR uptime (1),
	240	.BR chroot (2),
	241	.BR mmap (2),
	242	.BR readlink (2),
	243	.BR syslog (2),
	244	.BR slabinfo (5),
561fb695	245	.BR sysfs (5),
fea681da	246	.BR hier (7),
4effb5be	247	.BR namespaces (7),
268f000b	248	.BR time (7),
fea681da	249	.BR arp (8),
fea681da MK	250	.BR hdparm (8),
fea681da MK	251	.BR ifconfig (8),
fea681da MK	252	.BR lsmod (8),
fea681da MK	253	.BR lspci (8),
809d0164	254	.BR mount (8),
fea681da MK	255	.BR netstat (8),
fea681da MK	256	.BR procinfo (8),
128f43c7 MK	257	.BR route (8),
128f43c7 MK	258	.BR sysctl (8)
c6d039a3	259	.P
66a9882e	260	The Linux kernel source files:
8a5fc410 MK	261	.IR Documentation/filesystems/proc.rst ,
	262	.IR Documentation/admin\-guide/sysctl/fs.rst ,
	263	.IR Documentation/admin\-guide/sysctl/kernel.rst ,
	264	.IR Documentation/admin\-guide/sysctl/net.rst ,
66a9882e	265	and
8a5fc410	266	.IR Documentation/admin\-guide/sysctl/vm.rst .