.\" Copyright (c) 2007 by Michael Kerrisk <mtk.manpages@gmail.com>
.\"
.\" %%%LICENSE_START(VERBATIM)
.\" Permission is granted to make and distribute verbatim copies of this
.\" manual provided the copyright notice and this permission notice are
.\" preserved on all copies.
.\"
.\" Permission is granted to copy and distribute modified versions of this
.\" manual under the conditions for verbatim copying, provided that the
.\" entire resulting derived work is distributed under the terms of a
.\" permission notice identical to this one.
.\"
.\" Since the Linux kernel and libraries are constantly changing, this
.\" manual page may be incorrect or out-of-date.  The author(s) assume no
.\" responsibility for errors or omissions, or for damages resulting from
.\" the use of the information contained herein.  The author(s) may not
.\" have taken the same level of care in the production of this manual,
.\" which is licensed free of charge, as they might when working
.\" professionally.
.\"
.\" Formatted or processed versions of this manual, if unaccompanied by
.\" the source, must acknowledge the copyright and authors of this work.
.\" %%%LICENSE_END
.\"
.\" 2007-06-13 Creation
.\"
.TH CREDENTIALS 7 2016-07-17 "Linux" "Linux Programmer's Manual"
.SH NAME
credentials \- process identifiers
.SH DESCRIPTION
.SS Process ID (PID)
Each process has a unique nonnegative integer identifier
that is assigned when the process is created using
.BR fork (2).
A process can obtain its PID using
.BR getpid (2).
A PID is represented using the type
.I pid_t
(defined in
.IR <sys/types.h> ).

PIDs are used in a range of system calls to identify the process
affected by the call, for example:
.BR kill (2),
.BR ptrace (2),
.BR setpriority (2),
.\" .BR sched_rr_get_interval (2),
.\" .BR sched_getaffinity (2),
.\" .BR sched_setaffinity (2),
.\" .BR sched_getparam (2),
.\" .BR sched_setparam (2),
.\" .BR sched_setscheduler (2),
.\" .BR sched_getscheduler (2),
.BR setpgid (2),
.\" .BR getsid (2),
.BR setsid (2),
.BR sigqueue (3),
and
.BR waitpid (2).
.\" .BR waitid (2),
.\" .BR wait4 (2),

A process's PID is preserved across an
.BR execve (2).
.SS Parent process ID (PPID)
A process's parent process ID identifies the process that created
this process using
.BR fork (2).
A process can obtain its PPID using
.BR getppid (2).
A PPID is represented using the type
.IR pid_t .

A process's PPID is preserved across an
.BR execve (2).
.SS Process group ID and session ID
Each process has a session ID and a process group ID,
both represented using the type
.IR pid_t .
A process can obtain its session ID using
.BR getsid (2),
and its process group ID using
.BR getpgrp (2).

A child created by
.BR fork (2)
inherits its parent's session ID and process group ID.
A process's session ID and process group ID are preserved across an
.BR execve (2).

Sessions and process groups are abstractions devised to support shell
job control.
A process group (sometimes called a "job") is a collection of
processes that share the same process group ID;
the shell creates a new process group for the process(es) used
to execute a single command or pipeline (e.g., the two processes
created to execute the command "ls\ |\ wc" are placed in the
same process group).
A process's group membership can be set using
.BR setpgid (2).
The process whose process ID is the same as its process group ID is the
\fIprocess group leader\fP for that group.

A session is a collection of processes that share the same session ID.
All of the members of a process group also have the same session ID
(i.e., all of the members of a process group always belong to the
same session, so that sessions and process groups form a strict
two-level hierarchy of processes.)
A new session is created when a process calls
.BR setsid (2),
which creates a new session whose session ID is the same
as the PID of the process that called
.BR setsid (2).
The creator of the session is called the \fIsession leader\fP.

All of the processes in a session share a
.IR "controlling terminal" .
The controlling terminal is established when the session leader
first opens a terminal (unless the
.BR O_NOCTTY
flag is specified when calling
.BR open (2)).
A terminal may be the controlling terminal of at most one session.

At most one of the jobs in a session may be the
.IR "foreground job" ;
other jobs in the session are
.IR "background jobs" .
Only the foreground job may read from the terminal;
when a process in the background attempts to read from the terminal,
its process group is sent a
.BR SIGTTIN
signal, which suspends the job.
If the
.BR TOSTOP
flag has been set for the terminal (see
.BR termios (3)),
then only the foreground job may write to the terminal;
writes from a background job cause a
.BR SIGTTOU
signal to be generated, which suspends the job.
When terminal keys that generate a signal (such as the
.I interrupt
key, normally control-C)
are pressed, the signal is sent to the processes in the foreground job.

Various system calls and library functions
may operate on all members of a process group,
including
.BR kill (2),
.BR killpg (3),
.BR getpriority (2),
.BR setpriority (2),
.BR ioprio_get (2),
.BR ioprio_set (2),
.BR waitid (2),
and
.BR waitpid (2).
See also the discussion of the
.BR F_GETOWN ,
.BR F_GETOWN_EX ,
.BR F_SETOWN ,
and
.BR F_SETOWN_EX
operations in
.BR fcntl (2).
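.PP
The following is an added example and not part of this manual page:
a C program (assuming glibc on Linux; the function and struct names are its own)
that forks a child, has the child call
.BR setsid (2),
and checks over a pipe that the child first inherited the parent's process
group and session and afterwards leads a new session whose ID and
process group ID both equal the child's PID.

```c
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* What the child reports back, before and after its setsid() call. */
struct session_report { pid_t pid, pgid_before, sid_before, pgid_after, sid_after; };

/* Fork a child that calls setsid(), read its IDs back over a pipe, and
 * check the rules stated above. Returns 1 if they all hold, 0 if one
 * is violated, -1 on a system-call error. */
int verify_session_hierarchy(void)
{
    int fd[2];
    struct session_report rep;
    ssize_t n;
    pid_t child;

    if (pipe(fd) == -1 || (child = fork()) == -1)
        return -1;
    if (child == 0) {                     /* child */
        rep.pid = getpid();
        rep.pgid_before = getpgrp();      /* inherited from the parent */
        rep.sid_before = getsid(0);
        if (setsid() == -1)               /* a process group leader may not call setsid() */
            _exit(1);
        rep.pgid_after = getpgrp();
        rep.sid_after = getsid(0);
        _exit(write(fd[1], &rep, sizeof rep) == (ssize_t)sizeof rep ? 0 : 1);
    }
    close(fd[1]);
    n = read(fd[0], &rep, sizeof rep);
    close(fd[0]);
    if (waitpid(child, NULL, 0) == -1 || n != (ssize_t)sizeof rep)
        return -1;

    /* fork(2): the child started out in our process group and session. */
    if (rep.pgid_before != getpgrp() || rep.sid_before != getsid(0))
        return 0;
    /* setsid(2): the new session ID and process group ID are the child's
     * PID, so it is now both session leader and process group leader ... */
    if (rep.sid_after != rep.pid || rep.pgid_after != rep.pid)
        return 0;
    /* ... of a session that is no longer ours (the two-level hierarchy). */
    return rep.sid_after != getsid(0);
}
```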
.SS User and group identifiers
Each process has various associated user and group IDs.
These IDs are integers, respectively represented using the types
.I uid_t
and
.I gid_t
(defined in
.IR <sys/types.h> ).

On Linux, each process has the following user and group identifiers:
.IP * 3
Real user ID and real group ID.
These IDs determine who owns the process.
A process can obtain its real user (group) ID using
.BR getuid (2)
.RB ( getgid (2)).
.IP *
Effective user ID and effective group ID.
These IDs are used by the kernel to determine the permissions
that the process will have when accessing shared resources such
as message queues, shared memory, and semaphores.
On most UNIX systems, these IDs also determine the
permissions when accessing files.
However, Linux uses the filesystem IDs described below
for this task.
A process can obtain its effective user (group) ID using
.BR geteuid (2)
.RB ( getegid (2)).
.IP *
Saved set-user-ID and saved set-group-ID.
These IDs are used in set-user-ID and set-group-ID programs to save
a copy of the corresponding effective IDs that were set when
the program was executed (see
.BR execve (2)).
A set-user-ID program can assume and drop privileges by
switching its effective user ID back and forth between the values
in its real user ID and saved set-user-ID.
This switching is done via calls to
.BR seteuid (2),
.BR setreuid (2),
or
.BR setresuid (2).
A set-group-ID program performs the analogous tasks using
.BR setegid (2),
.BR setregid (2),
or
.BR setresgid (2).
A process can obtain its saved set-user-ID (set-group-ID) using
.BR getresuid (2)
.RB ( getresgid (2)).
.IP *
Filesystem user ID and filesystem group ID (Linux-specific).
These IDs, in conjunction with the supplementary group IDs described
below, are used to determine permissions for accessing files; see
.BR path_resolution (7)
for details.
Whenever a process's effective user (group) ID is changed,
the kernel also automatically changes the filesystem user (group) ID
to the same value.
Consequently, the filesystem IDs normally have the same values
as the corresponding effective ID, and the semantics for file-permission
checks are thus the same on Linux as on other UNIX systems.
The filesystem IDs can be made to differ from the effective IDs
by calling
.BR setfsuid (2)
and
.BR setfsgid (2).
.IP *
Supplementary group IDs.
This is a set of additional group IDs that are used for permission
checks when accessing files and other shared resources.
On Linux kernels before 2.6.4,
a process can be a member of up to 32 supplementary groups;
since kernel 2.6.4,
a process can be a member of up to 65536 supplementary groups.
The call
.I sysconf(_SC_NGROUPS_MAX)
can be used to determine the number of supplementary groups
of which a process may be a member.
.\" Since kernel 2.6.4, the limit is visible via the read-only file
.\" /proc/sys/kernel/ngroups_max.
.\" As at 2.6.22-rc2, this file is still read-only.
A process can obtain its set of supplementary group IDs using
.BR getgroups (2),
and can modify the set using
.BR setgroups (2).
.PP
A child process created by
.BR fork (2)
inherits copies of its parent's user and group IDs.
During an
.BR execve (2),
a process's real user and group ID and supplementary
group IDs are preserved;
the effective and saved set IDs may be changed, as described in
.BR execve (2).

Aside from the purposes noted above,
a process's user IDs are also employed in a number of other contexts:
.IP * 3
when determining the permissions for sending signals (see
.BR kill (2));
.IP *
when determining the permissions for setting
process-scheduling parameters (nice value, real time
scheduling policy and priority, CPU affinity, I/O priority) using
.BR setpriority (2),
.BR sched_setaffinity (2),
.BR sched_setscheduler (2),
.BR sched_setparam (2),
.BR sched_setattr (2),
and
.BR ioprio_set (2);
.IP *
when checking resource limits (see
.BR getrlimit (2));
.IP *
when checking the limit on the number of inotify instances
that the process may create (see
.BR inotify (7)).
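.PP
The following is an added example and not part of this manual page:
a C program (assuming glibc on Linux; the function names are its own, and it
reads the filesystem IDs with the
.BR setfsuid (2)
/
.BR setfsgid (2)
"invalid value" idiom, since there is no getfsuid call) that switches all of
a process's user and group IDs to a target pair in the safe order, then
verifies the real, effective, saved and filesystem IDs and confirms that
the saved set-user-ID can no longer be used to regain root.

```c
#define _GNU_SOURCE
#include <grp.h>
#include <sys/fsuid.h>
#include <sys/types.h>
#include <unistd.h>
/* Declared explicitly too, in case <unistd.h> was already pulled in without _GNU_SOURCE. */
int setresuid(uid_t, uid_t, uid_t); int setresgid(gid_t, gid_t, gid_t);
int getresuid(uid_t *, uid_t *, uid_t *); int getresgid(gid_t *, gid_t *, gid_t *);
/* There is no getfsuid(): setfsuid() with an invalid value (-1) changes
 * nothing and returns the current filesystem user ID (same for the gid). */
static uid_t current_fsuid(void) { return (uid_t)setfsuid((uid_t)-1); }
static gid_t current_fsgid(void) { return (gid_t)setfsgid((gid_t)-1); }

/* 1 if the rule stated above holds (filesystem IDs follow the effective
 * IDs), 0 if a setfsuid()/setfsgid() call has split them. */
int fs_ids_track_effective_ids(void)
{
    return current_fsuid() == geteuid() && current_fsgid() == getegid();
}
/* Permanently switch all user and group IDs of the process to uid/gid,
 * then verify the resulting state instead of trusting return codes.
 * Order matters: supplementary groups and group IDs first, while the
 * process may still hold CAP_SETGID; user IDs last.
 * Returns 0 on success, -1 on failure. */
int drop_privileges(uid_t uid, gid_t gid)
{
    uid_t ru, eu, su;
    gid_t rg, eg, sg;
    /* Clearing supplementary groups needs CAP_SETGID, so only root tries;
     * if the kernel refuses (some user namespaces), accept that only when
     * there is nothing left to clear. */
    if (geteuid() == 0 && setgroups(0, NULL) == -1 && getgroups(0, NULL) != 0)
        return -1;
    if (setresgid(gid, gid, gid) == -1 || setresuid(uid, uid, uid) == -1)
        return -1;
    /* Real, effective and saved IDs must all be the target now ... */
    if (getresuid(&ru, &eu, &su) == -1 || ru != uid || eu != uid || su != uid)
        return -1;
    if (getresgid(&rg, &eg, &sg) == -1 || rg != gid || eg != gid || sg != gid)
        return -1;
    /* ... the filesystem IDs must have followed the effective IDs ... */
    if (!fs_ids_track_effective_ids())
        return -1;
    /* ... and, unless the target is root, root must be unrecoverable: with
     * no saved set-user-ID of 0 left, this setresuid() has to fail (EPERM). */
    if (uid != 0 && setresuid((uid_t)-1, 0, (uid_t)-1) == 0)
        return -1;
    return 0;
}
```

Calling it from an unprivileged process with its own real IDs is a harmless self-check; a set-user-ID-root program would pass the real (unprivileged) IDs to give up root for good.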
.SH CONFORMING TO
Process IDs, parent process IDs, process group IDs, and session IDs
are specified in POSIX.1.
The real, effective, and saved set user and group IDs,
and the supplementary group IDs, are specified in POSIX.1.
The filesystem user and group IDs are a Linux extension.
.SH NOTES
The POSIX threads specification requires that
credentials are shared by all of the threads in a process.
However, at the kernel level, Linux maintains separate user and group
credentials for each thread.
The NPTL threading implementation does some work to ensure
that any change to user or group credentials
(e.g., calls to
.BR setuid (2),
.BR setresuid (2))
is carried through to all of the POSIX threads in a process.
See
.BR nptl (7)
for further details.
.SH SEE ALSO
.BR bash (1),
.BR csh (1),
.BR groups (1),
.BR id (1),
.BR newgrp (1),
.BR ps (1),
.BR runuser (1),
.BR sg (1),
.BR su (1),
.BR access (2),
.BR execve (2),
.BR faccessat (2),
.BR fork (2),
.BR getgroups (2),
.BR getpgrp (2),
.BR getpid (2),
.BR getppid (2),
.BR getsid (2),
.BR kill (2),
.BR setegid (2),
.BR seteuid (2),
.BR setfsgid (2),
.BR setfsuid (2),
.BR setgid (2),
.BR setgroups (2),
.BR setpgid (2),
.BR setresgid (2),
.BR setresuid (2),
.BR setsid (2),
.BR setuid (2),
.BR waitpid (2),
.BR euidaccess (3),
.BR initgroups (3),
.BR killpg (3),
.BR tcgetpgrp (3),
.BR tcsetpgrp (3),
.BR group (5),
.BR passwd (5),
.BR capabilities (7),
.BR namespaces (7),
.BR path_resolution (7),
.BR pid_namespaces (7),
.BR pthreads (7),
.BR signal (7),
.BR unix (7),
.BR user_namespaces (7),
.BR sudo (8)