man5/proc_pid.5

   1 .\" Copyright (C) 1994, 1995, Daniel Quinlan <quinlan@yggdrasil.com>
   2 .\" Copyright (C) 2002-2008, 2017, Michael Kerrisk <mtk.manpages@gmail.com>
   3 .\" Copyright (C) 2023, Alejandro Colomar <alx@kernel.org>
   4 .\"
   5 .\" SPDX-License-Identifier: GPL-3.0-or-later
   6 .\"
   7 .TH proc_pid 5 (date) "Linux man-pages (unreleased)"
   8 .SH NAME
   9 /proc/pid/, /proc/self/ \- process information
  10 .SH DESCRIPTION
  11 .TP
  12 .IR /proc/ pid /
  13 There is a numerical subdirectory for each running process; the
  14 subdirectory is named by the process ID.
  15 Each
  16 .IR /proc/ pid
  17 subdirectory contains the pseudo-files and directories described below.
  18 .IP
  19 The files inside each
  20 .IR /proc/ pid
  21 directory are normally owned by the effective user and
  22 effective group ID of the process.
  23 However, as a security measure, the ownership is made
  24 .I root:root
  25 if the process's "dumpable" attribute is set to a value other than 1.
  26 .IP
  27 Before Linux 4.11,
  28 .\" commit 68eb94f16227336a5773b83ecfa8290f1d6b78ce
  29 .I root:root
  30 meant the "global" root user ID and group ID
  31 (i.e., UID 0 and GID 0 in the initial user namespace).
  32 Since Linux 4.11,
  33 if the process is in a noninitial user namespace that has a
  34 valid mapping for user (group) ID 0 inside the namespace, then
  35 the user (group) ownership of the files under
  36 .IR /proc/ pid
  37 is instead made the same as the root user (group) ID of the namespace.
  38 This means that inside a container,
  39 things work as expected for the container "root" user.
  40 .IP
  41 The process's "dumpable" attribute may change for the following reasons:
  42 .RS
  43 .IP \[bu] 3
  44 The attribute was explicitly set via the
  45 .BR prctl (2)
  46 .B PR_SET_DUMPABLE
  47 operation.
  48 .IP \[bu]
  49 The attribute was reset to the value in the file
  50 .I /proc/sys/fs/suid_dumpable
  51 (described below), for the reasons described in
  52 .BR prctl (2).
  53 .RE
  54 .IP
  55 Resetting the "dumpable" attribute to 1 reverts the ownership of the
  56 .IR /proc/ pid /*
  57 files to the process's effective UID and GID.
  58 Note, however, that if the effective UID or GID is subsequently modified,
  59 then the "dumpable" attribute may be reset, as described in
  60 .BR prctl (2).
  61 Therefore, it may be desirable to reset the "dumpable" attribute
  62 .I after
  63 making any desired changes to the process's effective UID or GID.
  64 .TP
  65 .I /proc/self/
  66 This directory refers to the process accessing the
  67 .I /proc
  68 filesystem,
  69 and is identical to the
  70 .I /proc
  71 directory named by the process ID of the same process.
  72 .SH SEE ALSO
  73 .BR proc (5)