1 .\" This manpage is Copyright (C) 1992 Drew Eckhardt;
2 .\" and Copyright (C) 1993 Michael Haardt, Ian Jackson.
3 .\" and Copyright (C) 2008 Greg Banks
4 .\" and Copyright (C) 2006, 2008, 2013, 2014 Michael Kerrisk <mtk.manpages@gmail.com>
6 .\" %%%LICENSE_START(VERBATIM)
7 .\" Permission is granted to make and distribute verbatim copies of this
8 .\" manual provided the copyright notice and this permission notice are
9 .\" preserved on all copies.
11 .\" Permission is granted to copy and distribute modified versions of this
12 .\" manual under the conditions for verbatim copying, provided that the
13 .\" entire resulting derived work is distributed under the terms of a
14 .\" permission notice identical to this one.
16 .\" Since the Linux kernel and libraries are constantly changing, this
17 .\" manual page may be incorrect or out-of-date. The author(s) assume no
18 .\" responsibility for errors or omissions, or for damages resulting from
19 .\" the use of the information contained herein. The author(s) may not
20 .\" have taken the same level of care in the production of this manual,
21 .\" which is licensed free of charge, as they might when working
24 .\" Formatted or processed versions of this manual, if unaccompanied by
25 .\" the source, must acknowledge the copyright and authors of this work.
28 .\" Modified 1993-07-21 by Rik Faith <faith@cs.unc.edu>
29 .\" Modified 1994-08-21 by Michael Haardt
30 .\" Modified 1996-04-13 by Andries Brouwer <aeb@cwi.nl>
31 .\" Modified 1996-05-13 by Thomas Koenig
32 .\" Modified 1996-12-20 by Michael Haardt
33 .\" Modified 1999-02-19 by Andries Brouwer <aeb@cwi.nl>
34 .\" Modified 1998-11-28 by Joseph S. Myers <jsm28@hermes.cam.ac.uk>
35 .\" Modified 1999-06-03 by Michael Haardt
36 .\" Modified 2002-05-07 by Michael Kerrisk <mtk.manpages@gmail.com>
37 .\" Modified 2004-06-23 by Michael Kerrisk <mtk.manpages@gmail.com>
38 .\" 2004-12-08, mtk, reordered flags list alphabetically
39 .\" 2004-12-08, Martin Pool <mbp@sourcefrog.net> (& mtk), added O_NOATIME
40 .\" 2007-09-18, mtk, Added description of O_CLOEXEC + other minor edits
41 .\" 2008-01-03, mtk, with input from Trond Myklebust
42 .\" <trond.myklebust@fys.uio.no> and Timo Sirainen <tss@iki.fi>
43 .\" Rewrite description of O_EXCL.
44 .\" 2008-01-11, Greg Banks <gnb@melbourne.sgi.com>: add more detail
46 .\" 2008-02-26, Michael Haardt: Reorganized text for O_CREAT and mode
48 .\" FIXME . Apr 08: The next POSIX revision has O_EXEC, O_SEARCH, and
49 .\" O_TTYINIT. Eventually these may need to be documented. --mtk
51 .TH OPEN 2 2020-11-01 "Linux" "Linux Programmer's Manual"
53 open, openat, creat \- open and possibly create a file
56 .B #include <sys/stat.h>
59 .BI "int open(const char *" pathname ", int " flags );
60 .BI "int open(const char *" pathname ", int " flags ", mode_t " mode );
62 .BI "int creat(const char *" pathname ", mode_t " mode );
64 .BI "int openat(int " dirfd ", const char *" pathname ", int " flags );
65 .BI "int openat(int " dirfd ", const char *" pathname ", int " flags \
68 /* Documented separately, in \fBopenat2\fP(2): */
69 .BI "int openat2(int " dirfd ", const char *" pathname ,
70 .BI " const struct open_how *" how ", size_t " size ");"
74 Feature Test Macro Requirements for glibc (see
75 .BR feature_test_macros (7)):
81 _POSIX_C_SOURCE >= 200809L
88 system call opens the file specified by
90 If the specified file does not exist,
100 is a file descriptor, a small, nonnegative integer that is used
101 in subsequent system calls
102 .RB ( read "(2), " write "(2), " lseek "(2), " fcntl (2),
103 etc.) to refer to the open file.
104 The file descriptor returned by a successful call will be
105 the lowest-numbered file descriptor not currently open for the process.
107 By default, the new file descriptor is set to remain open across an
111 file descriptor flag described in
113 is initially disabled); the
115 flag, described below, can be used to change this default.
116 The file offset is set to the beginning of the file (see
122 .IR "open file description" ,
123 an entry in the system-wide table of open files.
124 The open file description records the file offset and the file status flags
126 A file descriptor is a reference to an open file description;
127 this reference is unaffected if
129 is subsequently removed or modified to refer to a different file.
130 For further details on open file descriptions, see NOTES.
134 must include one of the following
136 .BR O_RDONLY ", " O_WRONLY ", or " O_RDWR .
137 These request opening the file read-only, write-only, or read/write,
140 In addition, zero or more file creation flags and file status flags
146 .I file creation flags
159 are all of the remaining flags listed below.
160 .\" SUSv4 divides the flags into:
164 .\" * Other (O_CLOEXEC, O_DIRECTORY, O_NOFOLLOW)
165 .\" though it's not clear what the difference between "other" and
166 .\" "File creation" flags is. I raised an Aardvark to see if this
167 .\" can be clarified in SUSv4; 10 Oct 2008.
168 .\" http://thread.gmane.org/gmane.comp.standards.posix.austin.general/64/focus=67
169 .\" TC1 (balloted in 2013), resolved this, so that those three constants
170 .\" are also categorized" as file status flags.
172 The distinction between these two groups of flags is that
173 the file creation flags affect the semantics of the open operation itself,
174 while the file status flags affect the semantics of subsequent I/O operations.
175 The file status flags can be retrieved and (in some cases)
180 The full list of file creation flags and file status flags is as follows:
183 The file is opened in append mode.
186 the file offset is positioned at the end of the file,
189 The modification of the file offset and the write operation
190 are performed as a single atomic step.
193 may lead to corrupted files on NFS filesystems if more than one process
194 appends data to a file at once.
195 .\" For more background, see
196 .\" http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=453946
197 .\" http://nfs.sourceforge.net/
198 This is because NFS does not support
199 appending to a file, so the client kernel has to simulate it, which
200 can't be done without a race condition.
203 Enable signal-driven I/O:
206 by default, but this can be changed via
208 when input or output becomes possible on this file descriptor.
209 This feature is available only for terminals, pseudoterminals,
210 sockets, and (since Linux 2.6) pipes and FIFOs.
214 See also BUGS, below.
216 .BR O_CLOEXEC " (since Linux 2.6.23)"
217 .\" NOTE! several other man pages refer to this text
218 Enable the close-on-exec flag for the new file descriptor.
219 .\" FIXME . for later review when Issue 8 is one day released...
220 .\" POSIX proposes to fix many APIs that provide hidden FDs
221 .\" http://austingroupbugs.net/tag_view_page.php?tag_id=8
222 .\" http://austingroupbugs.net/view.php?id=368
223 Specifying this flag permits a program to avoid additional
226 operations to set the
230 Note that the use of this flag is essential in some multithreaded programs,
231 because using a separate
236 flag does not suffice to avoid race conditions
237 where one thread opens a file descriptor and
238 attempts to set its close-on-exec flag using
240 at the same time as another thread does a
244 Depending on the order of execution,
245 the race may lead to the file descriptor returned by
247 being unintentionally leaked to the program executed by the child process
250 (This kind of race is in principle possible for any system call
251 that creates a file descriptor whose close-on-exec flag should be set,
252 and various other Linux system calls provide an equivalent of the
254 flag to deal with this problem.)
255 .\" This flag fixes only one form of the race condition;
256 .\" The race can also occur with, for example, file descriptors
257 .\" returned by accept(), pipe(), etc.
262 does not exist, create it as a regular file.
264 The owner (user ID) of the new file is set to the effective user ID
267 The group ownership (group ID) of the new file is set either to
268 the effective group ID of the process (System V semantics)
269 or to the group ID of the parent directory (BSD semantics).
270 On Linux, the behavior depends on whether the
271 set-group-ID mode bit is set on the parent directory:
272 if that bit is set, then BSD semantics apply;
273 otherwise, System V semantics apply.
274 For some filesystems, the behavior also depends on the
278 mount options described in
280 .\" As at 2.6.25, bsdgroups is supported by ext2, ext3, ext4, and
281 .\" XFS (since 2.6.14).
285 argument specifies the file mode bits to be applied when a new file is created.
294 is ignored (and can thus be specified as 0, or simply omitted).
305 if it is not supplied,
306 some arbitrary bytes from the stack will be applied as the file mode.
308 The effective mode is modified by the process's
310 in the usual way: in the absence of a default ACL, the mode of the
312 .IR "(mode\ &\ \(tiumask)" .
316 applies only to future accesses of the
317 newly created file; the
319 call that creates a read-only file may well return a read/write
322 The following symbolic constants are provided for
327 00700 user (file owner) has read, write, and execute permission
330 00400 user has read permission
333 00200 user has write permission
336 00100 user has execute permission
339 00070 group has read, write, and execute permission
342 00040 group has read permission
345 00020 group has write permission
348 00010 group has execute permission
351 00007 others have read, write, and execute permission
354 00004 others have read permission
357 00002 others have write permission
360 00001 others have execute permission
363 According to POSIX, the effect when other bits are set in
366 On Linux, the following bits are also honored in
371 0004000 set-user-ID bit
374 0002000 set-group-ID bit (see
378 0001000 sticky bit (see
382 .BR O_DIRECT " (since Linux 2.4.10)"
383 Try to minimize cache effects of the I/O to and from this file.
384 In general this will degrade performance, but it is useful in
385 special situations, such as when applications do their own caching.
386 File I/O is done directly to/from user-space buffers.
389 flag on its own makes an effort to transfer data synchronously,
390 but does not give the guarantees of the
392 flag that data and necessary metadata are transferred.
393 To guarantee synchronous I/O,
395 must be used in addition to
397 See NOTES below for further discussion.
399 A semantically similar (but deprecated) interface for block devices
404 If \fIpathname\fP is not a directory, cause the open to fail.
405 .\" But see the following and its replies:
406 .\" http://marc.theaimsgroup.com/?t=112748702800001&r=1&w=2
407 .\" [PATCH] open: O_DIRECTORY and O_CREAT together should fail
408 .\" O_DIRECTORY | O_CREAT causes O_DIRECTORY to be ignored.
409 This flag was added in kernel version 2.1.126, to
410 avoid denial-of-service problems if
416 Write operations on the file will complete according to the requirements of
419 integrity completion.
424 return, the output data
425 has been transferred to the underlying hardware,
426 along with any file metadata that would be required to retrieve that data
427 (i.e., as though each
429 was followed by a call to
431 .IR "See NOTES below" .
434 Ensure that this call creates the file:
435 if this flag is specified in conjunction with
444 When these two flags are specified, symbolic links are not followed:
445 .\" POSIX.1-2001 explicitly requires this behavior.
448 is a symbolic link, then
450 fails regardless of where the symbolic link points.
452 In general, the behavior of
454 is undefined if it is used without
456 There is one exception: on Linux 2.6 and later,
462 refers to a block device.
463 If the block device is in use by the system (e.g., mounted),
470 is supported only when using NFSv3 or later on kernel 2.6 or later.
471 In NFS environments where
473 support is not provided, programs that rely on it
474 for performing locking tasks will contain a race condition.
475 Portable programs that want to perform atomic file locking using a lockfile,
476 and need to avoid reliance on NFS support for
478 can create a unique file on
479 the same filesystem (e.g., incorporating hostname and PID), and use
481 to make a link to the lockfile.
484 returns 0, the lock is successful.
487 on the unique file to check if its link count has increased to 2,
488 in which case the lock is also successful.
492 Allow files whose sizes cannot be represented in an
494 (but can be represented in an
498 .B _LARGEFILE64_SOURCE
499 macro must be defined
503 in order to obtain this definition.
506 feature test macro to 64 (rather than using
509 method of accessing large files on 32-bit systems (see
510 .BR feature_test_macros (7)).
512 .BR O_NOATIME " (since Linux 2.6.8)"
513 Do not update the file last access time
519 This flag can be employed only if one of the following conditions is true:
522 The effective UID of the process
523 .\" Strictly speaking: the filesystem UID
524 matches the owner UID of the file.
526 The calling process has the
528 capability in its user namespace and
529 the owner UID of the file has a mapping in the namespace.
532 This flag is intended for use by indexing or backup programs,
533 where its use can significantly reduce the amount of disk activity.
534 This flag may not be effective on all filesystems.
535 One example is NFS, where the server maintains the access time.
536 .\" The O_NOATIME flag also affects the treatment of st_atime
537 .\" by mmap() and readdir(2), MTK, Dec 04.
542 refers to a terminal device\(emsee
544 will not become the process's controlling terminal even if the
545 process does not have one.
548 If the trailing component (i.e., basename) of
550 is a symbolic link, then the open fails, with the error
552 Symbolic links in earlier components of the pathname will still be
556 error that can occur in this case is indistinguishable from the case where
557 an open fails because there are too many symbolic links found
558 while resolving components in the prefix part of the pathname.)
560 This flag is a FreeBSD extension, which was added to Linux in version 2.1.126,
561 and has subsequently been standardized in POSIX.1-2008.
566 .\" The headers from glibc 2.0.100 and later include a
567 .\" definition of this flag; \fIkernels before 2.1.126 will ignore it if
570 .BR O_NONBLOCK " or " O_NDELAY
571 When possible, the file is opened in nonblocking mode.
574 nor any subsequent I/O operations on the file descriptor which is
575 returned will cause the calling process to wait.
577 Note that the setting of this flag has no effect on the operation of
582 since those interfaces merely inform the caller about whether
583 a file descriptor is "ready",
584 meaning that an I/O operation performed on
585 the file descriptor with the
591 Note that this flag has no effect for regular files and block devices;
592 that is, I/O operations will (briefly) block when device activity
593 is required, regardless of whether
598 semantics might eventually be implemented,
599 applications should not depend upon blocking behavior
600 when specifying this flag for regular files and block devices.
602 For the handling of FIFOs (named pipes), see also
604 For a discussion of the effect of
606 in conjunction with mandatory file locks and with file leases, see
609 .BR O_PATH " (since Linux 2.6.39)"
610 .\" commit 1abf0c718f15a56a0a435588d1b104c7a37dc9bd
611 .\" commit 326be7b484843988afe57566b627fb7a70beac56
612 .\" commit 65cfc6722361570bfe255698d9cd4dccaf47570d
614 .\" http://thread.gmane.org/gmane.linux.man/2790/focus=3496
615 .\" Subject: Re: [PATCH] open(2): document O_PATH
616 .\" Newsgroups: gmane.linux.man, gmane.linux.kernel
618 Obtain a file descriptor that can be used for two purposes:
619 to indicate a location in the filesystem tree and
620 to perform operations that act purely at the file descriptor level.
621 The file itself is not opened, and other file operations (e.g.,
632 The following operations
634 be performed on the resulting file descriptor:
640 if the file descriptor refers to a directory
642 .\" commit 332a2e1244bd08b9e3ecd378028513396a004a24
647 .\" fstat(): commit 55815f70147dcfa3ead5738fd56d3574e2e3c1c2
650 .\" fstatfs(): commit 9d05746e7b16d8565dddbe3200faa1e669d23bbf
652 Duplicating the file descriptor
658 Getting and setting file descriptor flags
664 Retrieving open file status flags using the
667 operation: the returned flags will include the bit
670 Passing the file descriptor as the
674 and the other "*at()" system calls.
680 .BR AT_SYMLINK_FOLLOW )
681 even if the file is not a directory.
683 Passing the file descriptor to another process via a UNIX domain socket
701 Opening a file or directory with the
703 flag requires no permissions on the object itself
704 (but does require execute permission on the directories in the path prefix).
705 Depending on the subsequent operation,
706 a check for suitable file permissions may be performed (e.g.,
708 requires execute permission on the directory referred to
709 by its file descriptor argument).
711 obtaining a reference to a filesystem object by opening it with the
713 flag requires that the caller have read permission on the object,
714 even when the subsequent operation (e.g.,
717 does not require read permission on the object.
721 is a symbolic link and the
723 flag is also specified,
724 then the call returns a file descriptor referring to the symbolic link.
725 This file descriptor can be used as the
733 with an empty pathname to have the calls operate on the symbolic link.
737 refers to an automount point that has not yet been triggered, so no
738 other filesystem is mounted on it, then the call returns a file
739 descriptor referring to the automount directory without triggering a mount.
741 can then be used to determine if it is, in fact, an untriggered
743 .RB ( ".f_type == AUTOFS_SUPER_MAGIC" ).
747 for regular files is to provide the equivalent of POSIX.1's
750 This permits us to open a file for which we have execute
751 permission but not read permission, and then execute that file,
752 with steps something like the following:
757 fd = open("some_prog", O_PATH);
758 snprintf(buf, PATH_MAX, "/proc/self/fd/%d", fd);
759 execl(buf, "some_prog", (char *) NULL);
765 file descriptor can also be passed as the argument of
769 Write operations on the file will complete according to the requirements of
773 (by contrast with the
783 returns, the output data and associated file metadata
784 have been transferred to the underlying hardware
785 (i.e., as though each
787 was followed by a call to
789 .IR "See NOTES below" .
791 .BR O_TMPFILE " (since Linux 3.11)"
792 .\" commit 60545d0d4610b02e55f65d141c95b18ccf855b6e
793 .\" commit f4e0c30c191f87851c4a53454abb55ee276f4a7e
794 .\" commit bb458c644a59dbba3a1fe59b27106c5e68e1c4bd
795 Create an unnamed temporary regular file.
798 argument specifies a directory;
799 an unnamed inode will be created in that directory's filesystem.
800 Anything written to the resulting file will be lost when
801 the last file descriptor is closed, unless the file is given a name.
804 must be specified with one of
812 is not specified, then
814 can be used to link the temporary file into the filesystem, making it
815 permanent, using code like the following:
820 fd = open("/path/to/dir", O_TMPFILE | O_RDWR,
823 /* File I/O on \(aqfd\(aq... */
825 linkat(fd, NULL, AT_FDCWD, "/path/for/file", AT_EMPTY_PATH);
827 /* If the caller doesn\(aqt have the CAP_DAC_READ_SEARCH
828 capability (needed to use AT_EMPTY_PATH with linkat(2)),
829 and there is a proc(5) filesystem mounted, then the
830 linkat(2) call above can be replaced with:
832 snprintf(path, PATH_MAX, "/proc/self/fd/%d", fd);
833 linkat(AT_FDCWD, path, AT_FDCWD, "/path/for/file",
843 argument determines the file permission mode, as with
850 prevents a temporary file from being linked into the filesystem
852 (Note that the meaning of
854 in this case is different from the meaning of
858 There are two main use cases for
859 .\" Inspired by http://lwn.net/Articles/559147/
865 functionality: race-free creation of temporary files that
866 (1) are automatically deleted when closed;
867 (2) can never be reached via any pathname;
868 (3) are not subject to symlink attacks; and
869 (4) do not require the caller to devise unique names.
871 Creating a file that is initially invisible, which is then populated
872 with data and adjusted to have appropriate filesystem attributes
877 before being atomically linked into the filesystem
878 in a fully formed state (using
884 requires support by the underlying filesystem;
885 only a subset of Linux filesystems provide that support.
886 In the initial implementation, support was provided in
887 the ext2, ext3, ext4, UDF, Minix, and tmpfs filesystems.
888 .\" To check for support, grep for "tmpfile" in kernel sources
889 Support for other filesystems has subsequently been added as follows:
891 .\" commit 99b6436bc29e4f10e4388c27a3e4810191cc4788
892 .\" commit ab29743117f9f4c22ac44c13c1647fb24fb2bafe
894 .\" commit ef3b9af50bfa6a1f02cd7b3f5124b712b1ba3e3c
896 .\" commit 50732df02eefb39ab414ef655979c2c9b64ad21c
897 and ubifs (Linux 4.9)
900 If the file already exists and is a regular file and the access mode allows
905 it will be truncated to length 0.
906 If the file is a FIFO or terminal device file, the
909 Otherwise, the effect of
915 is equivalent to calling
920 .BR O_CREAT|O_WRONLY|O_TRUNC .
924 system call operates in exactly the same way as
926 except for the differences described here.
928 If the pathname given in
930 is relative, then it is interpreted relative to the directory
931 referred to by the file descriptor
933 (rather than relative to the current working directory of
934 the calling process, as is done by
936 for a relative pathname).
946 is interpreted relative to the current working
947 directory of the calling process (like
959 system call is an extension of
961 and provides a superset of the features of
963 It is documented separately, in
971 return the new file descriptor (a nonnegative integer).
972 On error, \-1 is returned and
974 is set to indicate the error.
980 can fail with the following errors:
983 The requested access to the file is not allowed, or search permission
984 is denied for one of the directories in the path prefix of
986 or the file did not exist yet and write access to the parent directory
989 .BR path_resolution (7).)
992 .\" commit 30aba6656f61ed44cba445a3c0d38b296fa9e8f5
999 sysctl is enabled, the file already exists and is a FIFO or regular file, the
1000 owner of the file is neither the current user nor the owner of the
1001 containing directory, and the containing directory is both world- or
1002 group-writable and sticky.
1003 For details, see the descriptions of
1004 .IR /proc/sys/fs/protected_fifos
1006 .IR /proc/sys/fs/protected_regular
1016 refers to a block device that is in use by the system (e.g., it is mounted).
1021 is specified, the file does not exist, and the user's quota of disk
1022 blocks or inodes on the filesystem has been exhausted.
1027 .BR O_CREAT " and " O_EXCL
1032 points outside your accessible address space.
1039 While blocked waiting to complete an open of a slow device
1042 the call was interrupted by a signal handler; see
1046 The filesystem does not support the
1051 for more information.
1055 .\" In particular, __O_TMPFILE instead of O_TMPFILE
1072 and the final component ("basename") of the new file's
1075 (e.g., it contains characters not permitted by the underlying filesystem).
1078 The final component ("basename") of
1081 (e.g., it contains characters not permitted by the underlying filesystem).
1085 refers to a directory and the access requested involved writing
1094 refers to an existing directory,
1102 but this kernel version does not provide the
1107 Too many symbolic links were encountered in resolving
1112 was a symbolic link, and
1120 The per-process limit on the number of open file descriptors has been reached
1121 (see the description of
1131 The system-wide limit on the total number of open files has been reached.
1135 refers to a device special file and no corresponding device exists.
1136 (This is a Linux kernel bug; in this situation
1142 is not set and the named file does not exist.
1145 A directory component in
1147 does not exist or is a dangling symbolic link.
1151 refers to a nonexistent directory,
1159 but this kernel version does not provide the
1164 The named file is a FIFO,
1165 but memory for the FIFO buffer can't be allocated because
1166 the per-user hard limit on memory allocation for pipes has been reached
1167 and the caller is not privileged; see
1171 Insufficient kernel memory was available.
1175 was to be created but the device containing
1177 has no room for the new file.
1180 A component used as a directory in
1182 is not, in fact, a directory, or \fBO_DIRECTORY\fP was specified and
1184 was not a directory.
1187 .BR O_NONBLOCK " | " O_WRONLY
1188 is set, the named file is a FIFO, and
1189 no process has the FIFO open for reading.
1192 The file is a device special file and no corresponding device exists.
1195 The file is a UNIX domain socket.
1198 The filesystem containing
1205 refers to a regular file that is too large to be opened.
1206 The usual scenario here is that an application compiled
1207 on a 32-bit platform without
1208 .I \-D_FILE_OFFSET_BITS=64
1209 tried to open a file whose size exceeds
1215 This is the error specified by POSIX.1;
1216 in kernels before 2.6.24, Linux gave the error
1219 .\" See http://bugzilla.kernel.org/show_bug.cgi?id=7253
1220 .\" "Open of a large file on 32-bit fails with EFBIG, should be EOVERFLOW"
1221 .\" Reported 2006-10-03
1226 flag was specified, but the effective user ID of the caller
1227 .\" Strictly speaking, it's the filesystem UID... (MTK)
1228 did not match the owner of the file and the caller was not privileged.
1231 The operation was prevented by a file seal; see
1236 refers to a file on a read-only filesystem and write access was
1241 refers to an executable image which is currently being executed and
1242 write access was requested.
1246 refers to a file that is currently in use as a swap file, and the
1252 refers to a file that is currently being read by the kernel (e.g., for
1253 module/firmware loading), and write access was requested.
1258 flag was specified, and an incompatible lease was held on the file
1262 The following additional errors can occur for
1267 is not a valid file descriptor.
1271 is a relative pathname and
1273 is a file descriptor referring to a file other than a directory.
1276 was added to Linux in kernel 2.6.16;
1277 library support was added to glibc in version 2.4.
1281 SVr4, 4.3BSD, POSIX.1-2001, POSIX.1-2008.
1295 flags are Linux-specific.
1298 to obtain their definitions.
1305 flags are not specified in POSIX.1-2001,
1306 but are specified in POSIX.1-2008.
1307 Since glibc 2.12, one can obtain their definitions by defining either
1309 with a value greater than or equal to 200809L or
1311 with a value greater than or equal to 700.
1312 In glibc 2.11 and earlier, one obtains the definitions by defining
1316 .BR feature_test_macros (7),
1317 feature test macros such as
1318 .BR _POSIX_C_SOURCE ,
1322 must be defined before including
1328 flag is sometimes used in cases where one wants to open
1329 but does not necessarily have the intention to read or write.
1331 this may be used to open a device in order to get a file descriptor
1335 The (undefined) effect of
1336 .B O_RDONLY | O_TRUNC
1337 varies among implementations.
1338 On many systems the file is actually truncated.
1339 .\" Linux 2.0, 2.5: truncate
1340 .\" Solaris 5.7, 5.8: truncate
1341 .\" Irix 6.5: truncate
1342 .\" Tru64 5.1B: truncate
1343 .\" HP-UX 11.22: truncate
1344 .\" FreeBSD 4.7: truncate
1348 can open device special files, but
1350 cannot create them; use
1354 If the file is newly created, its
1359 (respectively, time of last access, time of last status change, and
1360 time of last modification; see
1363 to the current time, and so are the
1369 Otherwise, if the file is modified because of the
1375 fields are set to the current time.
1379 directory show the open file descriptors of the process with the PID
1382 .I /proc/[pid]/fdinfo
1383 directory show even more information about these file descriptors.
1386 for further details of both of these directories.
1388 The Linux header file
1394 synonym is defined instead.
1397 .SS Open file descriptions
1398 The term open file description is the one used by POSIX to refer to the
1399 entries in the system-wide table of open files.
1400 In other contexts, this object is
1401 variously also called an "open file object",
1402 a "file handle", an "open file table entry",
1403 or\(emin kernel-developer parlance\(ema
1406 When a file descriptor is duplicated (using
1409 the duplicate refers to the same open file description
1410 as the original file descriptor,
1411 and the two file descriptors consequently share
1412 the file offset and file status flags.
1413 Such sharing can also occur between processes:
1414 a child process created via
1416 inherits duplicates of its parent's file descriptors,
1417 and those duplicates refer to the same open file descriptions.
1421 of a file creates a new open file description;
1422 thus, there may be multiple open file descriptions
1423 corresponding to a file inode.
1425 On Linux, one can use the
1428 operation to test whether two file descriptors
1429 (in the same process or in two different processes)
1430 refer to the same open file description.
1433 .SS Synchronized I/O
1434 The POSIX.1-2008 "synchronized I/O" option
1435 specifies different variants of synchronized I/O,
1443 for controlling the behavior.
1444 Regardless of whether an implementation supports this option,
1445 it must at least support the use of
1455 Somewhat incorrectly, glibc defines
1457 to have the same value as
1460 is defined in the Linux header file
1462 on HP PA-RISC, but it is not used.)
1465 provides synchronized I/O
1467 integrity completion,
1468 meaning write operations will flush data and all associated metadata
1469 to the underlying hardware.
1471 provides synchronized I/O
1473 integrity completion,
1474 meaning write operations will flush data
1475 to the underlying hardware,
1476 but will only flush metadata updates that are required
1477 to allow a subsequent read operation to complete successfully.
1478 Data integrity completion can reduce the number of disk operations
1479 that are required for applications that don't need the guarantees
1480 of file integrity completion.
1482 To understand the difference between the two types of completion,
1483 consider two pieces of file metadata:
1484 the file last modification timestamp
1486 and the file length.
1487 All write operations will update the last file modification timestamp,
1488 but only writes that add data to the end of the
1489 file will change the file length.
1490 The last modification timestamp is not needed to ensure that
1491 a read completes successfully, but the file length is.
1494 would only guarantee to flush updates to the file length metadata
1497 would also always flush the last modification timestamp metadata).
1499 Before Linux 2.6.33, Linux implemented only the
1503 However, when that flag was specified,
1504 most filesystems actually provided the equivalent of synchronized I/O
1506 integrity completion (i.e.,
1508 was actually implemented as the equivalent of
1511 Since Linux 2.6.33, proper
1513 support is provided.
1514 However, to ensure backward binary compatibility,
1516 was defined with the same value as the historical
1520 was defined as a new (two-bit) flag value that includes the
1523 This ensures that applications compiled against
1524 new headers get at least
1526 semantics on pre-2.6.33 kernels.
1528 .SS C library/kernel differences
1530 the glibc wrapper function for
1534 system call, rather than the kernel's
1537 For certain architectures, this is also true in glibc versions before 2.26.
1540 There are many infelicities in the protocol underlying NFS, affecting
1542 .BR O_SYNC " and " O_NDELAY .
1544 On NFS filesystems with UID mapping enabled,
1547 return a file descriptor but, for example,
1551 This is because the client performs
1554 permissions, but UID mapping is performed by the server upon
1555 read and write requests.
1559 Opening the read or write end of a FIFO blocks until the other
1560 end is also opened (by another process or thread).
1563 for further details.
1566 .SS File access mode
1567 Unlike the other values that can be specified in
1572 .BR O_RDONLY ", " O_WRONLY ", and " O_RDWR
1573 do not specify individual bits.
1574 Rather, they define the low order two bits of
1576 and are defined respectively as 0, 1, and 2.
1577 In other words, the combination
1578 .B "O_RDONLY | O_WRONLY"
1579 is a logical error, and certainly does not have the same meaning as
1582 Linux reserves the special, nonstandard access mode 3 (binary 11) in
1585 check for read and write permission on the file and return a file descriptor
1586 that can't be used for reading or writing.
1587 This nonstandard access mode is used by some Linux drivers to return a
1588 file descriptor that is to be used only for device-specific
1591 .\" See for example util-linux's disk-utils/setfdprm.c
1592 .\" For some background on access mode 3, see
1593 .\" http://thread.gmane.org/gmane.linux.kernel/653123
1594 .\" "[RFC] correct flags to f_mode conversion in __dentry_open"
1595 .\" LKML, 12 Mar 2008
1598 .SS Rationale for openat() and other "directory file descriptor" APIs
1600 and the other system calls and library functions that take
1601 a directory file descriptor argument
1605 .BR fanotify_mark (2),
1615 .BR name_to_handle_at (2),
1627 address two problems with the older interfaces that preceded them.
1628 Here, the explanation is in terms of the
1630 call, but the rationale is analogous for the other interfaces.
1634 allows an application to avoid race conditions that could
1637 to open files in directories other than the current working directory.
1638 These race conditions result from the fact that some component
1639 of the directory prefix given to
1641 could be changed in parallel with the call to
1643 Suppose, for example, that we wish to create the file
1644 .I dir1/dir2/xxx.dep
1648 The problem is that between the existence check and the file-creation step,
1652 (which might be symbolic links)
1653 could be modified to point to a different location.
1654 Such races can be avoided by
1655 opening a file descriptor for the target directory,
1656 and then specifying that file descriptor as the
1664 file descriptor also has other benefits:
1666 the file descriptor is a stable reference to the directory,
1667 even if the directory is renamed; and
1669 the open file descriptor prevents the underlying filesystem from
1671 just as when a process has a current working directory on a filesystem.
1675 allows the implementation of a per-thread "current working
1676 directory", via file descriptor(s) maintained by the application.
1677 (This functionality can also be obtained by tricks based
1679 .IR /proc/self/fd/ dirfd,
1680 but less efficiently.)
1684 argument for these APIs can be obtained by using
1688 to open a directory (with either the
1693 Alternatively, such a file descriptor can be obtained by applying
1695 to a directory stream created using
1698 When these APIs are given a
1702 or the specified pathname is absolute,
1703 then they handle their pathname argument in the same way as
1704 the corresponding conventional APIs.
1705 However, in this case, several of the APIs have a
1707 argument that provides access to functionality that is not available with
1708 the corresponding conventional APIs.
1714 flag may impose alignment restrictions on the length and address
1715 of user-space buffers and the file offset of I/Os.
1717 restrictions vary by filesystem and kernel version and might be
1719 However there is currently no filesystem\-independent
1720 interface for an application to discover these restrictions for a given
1722 Some filesystems provide their own interfaces
1723 for doing so, for example the
1728 Under Linux 2.4, transfer sizes, the alignment of the user buffer,
1729 and the file offset must all be multiples of the logical block size
1731 Since Linux 2.6.0, alignment to the logical block size of the
1732 underlying storage (typically 512 bytes) suffices.
1733 The logical block size can be determined using the
1736 operation or from the shell using the command:
1745 I/Os should never be run concurrently with the
1748 if the memory buffer is a private mapping
1749 (i.e., any mapping created with the
1753 this includes memory allocated on the heap and statically allocated buffers).
1754 Any such I/Os, whether submitted via an asynchronous I/O interface or from
1755 another thread in the process,
1756 should be completed before
1759 Failure to do so can result in data corruption and undefined behavior in
1760 parent and child processes.
1761 This restriction does not apply when the memory buffer for the
1763 I/Os was created using
1770 Nor does this restriction apply when the memory buffer has been advised as
1774 ensuring that it will not be available
1780 flag was introduced in SGI IRIX, where it has alignment
1781 restrictions similar to those of Linux 2.4.
1784 call to query appropriate alignments, and sizes.
1785 FreeBSD 4.x introduced
1786 a flag of the same name, but without alignment restrictions.
1789 support was added under Linux in kernel version 2.4.10.
1790 Older Linux kernels simply ignore this flag.
1791 Some filesystems may not implement the flag, in which case
1793 fails with the error
1797 Applications should avoid mixing
1799 and normal I/O to the same file,
1800 and especially to overlapping byte regions in the same file.
1801 Even when the filesystem correctly handles the coherency issues in
1802 this situation, overall I/O throughput is likely to be slower than
1803 using either mode alone.
1804 Likewise, applications should avoid mixing
1806 of files with direct I/O to the same files.
1810 with NFS will differ from local filesystems.
1812 kernels configured in certain ways, may not support this combination.
1813 The NFS protocol does not support passing the flag to the server, so
1815 I/O will bypass the page cache only on the client; the server may
1816 still cache the I/O.
1817 The client asks the server to make the I/O
1818 synchronous to preserve the synchronous semantics of
1820 Some servers will perform poorly under these circumstances, especially
1821 if the I/O size is small.
1822 Some servers may also be configured to
1823 lie to clients about the I/O having reached stable storage; this
1824 will avoid the performance penalty at some risk to data integrity
1825 in the event of server power failure.
1826 The Linux NFS client places no alignment restrictions on
1832 is a potentially powerful tool that should be used with caution.
1833 It is recommended that applications treat use of
1835 as a performance option which is disabled by default.
1837 Currently, it is not possible to enable signal-driven
1844 to enable this flag.
1845 .\" FIXME . Check bugzilla report on open(O_ASYNC)
1846 .\" See http://bugzilla.kernel.org/show_bug.cgi?id=5993
1848 One must check for two different error codes,
1852 when trying to determine whether the kernel supports
1862 and the file specified by
1866 will create a regular file (i.e.,
1880 .BR open_by_handle_at (2),
1892 .BR path_resolution (7),