freebsd-dev/share/man/man9/p_candebug.9

138 lines
3.4 KiB
Groff
Raw Normal View History

.\"
.\" Copyright (c) 2003 Joseph Koshy <jkoshy@freebsd.org>
.\"
.\" All rights reserved.
.\"
.\" This program is free software.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR
.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT,
.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" $FreeBSD$
2004-07-06 07:26:23 +00:00
.\"
.Dd November 11, 2003
.Os
2004-07-06 07:26:23 +00:00
.Dt P_CANDEBUG 9
.Sh NAME
.Nm p_candebug
.Nd determine debuggability of a process
.Sh SYNOPSIS
.In sys/proc.h
.Ft int
.Fn p_candebug "struct thread *td" "struct proc *p"
.Sh DESCRIPTION
This function can be used to determine if a given process
.Fa p
is debuggable by the thread
.Fa td .
2004-07-06 07:26:23 +00:00
.Sh SYSCTL VARIABLES
The following
.Xr sysctl 8
2004-07-06 07:26:23 +00:00
variables directly influence the behaviour of
.Fn p_candebug :
.Bl -tag -width indent
.It Va kern.securelevel
2004-07-06 07:26:23 +00:00
Debugging of the init process is not allowed if this variable is
.Li 1
or greater.
.It Va security.bsd.unprivileged_proc_debug
2004-07-06 07:26:23 +00:00
Must be set to a non-zero value to allow unprivileged processes
access to the kernel's debug facilities.
.El
.Sh RETURN VALUES
2004-07-06 07:26:23 +00:00
The
.Fn p_candebug
2004-07-06 07:26:23 +00:00
function
returns
.Li 0
if the process denoted by
2004-07-06 07:26:23 +00:00
.Fa p
is debuggable by thread
2004-07-06 07:26:23 +00:00
.Fa td ,
or a non-zero error return value otherwise.
.Sh ERRORS
.Bl -tag -width Er
.It Bq Er EACCESS
The MAC subsystem denied debuggability.
.It Bq Er EAGAIN
Process
.Fa p
is in the process of being
.Fn exec Ns 'ed.
.It Bq Er EPERM
Thread
.Fa td
lacks super-user credentials and process
.Fa p
2004-07-06 07:26:23 +00:00
is executing a set-user-ID or set-group-ID executable.
.It Bq Er EPERM
Thread
.Fa td
lacks super-user credentials and process
.Fa p Ns 's
group set is not a subset of
.Fa td Ns 's
effective group set.
.It Bq Er EPERM
Thread
.Fa td
lacks super-user credentials and process
.Fa p Ns 's
2004-07-06 07:26:23 +00:00
user IDs do not match thread
.Fa td Ns 's
2004-07-06 07:26:23 +00:00
effective user ID.
.It Bq Er EPERM
Process
.Fa p
denotes the initial process
.Fn initproc
2004-07-06 07:26:23 +00:00
and the
.Xr sysctl 8
variable
.Va kern.securelevel
is greater than zero.
.It Bq Er ESRCH
Process
.Fa p
is not visible to thread
.Fa td
as determined by
.Xr cr_seeotheruids 9
or
.Xr cr_seeothergids 9 .
.It Bq Er ESRCH
Thread
.Fa td
has been jailed and process
.Fa p
does not belong to the same jail as
.Fa td .
.It Bq Er ESRCH
The MAC subsystem denied debuggability.
.El
.Sh SEE ALSO
.Xr intro 2 ,
.Xr jail 2 ,
.Xr sysctl 8 ,
.Xr cr_seeothergids 9 ,
.Xr cr_seeotheruids 9 ,
.Xr mac 9 ,
.Xr prison_check 9