credentials(7)

Från Wiki.linux.se
Hoppa till navigering Hoppa till sök

credentials(7) — Linux Manual Page

NAME

credentials - process identifiers

DESCRIPTION

Process ID (PID)

Each process has a unique nonnegative integer identifier that is assigned when the process is created using fork(2). A process can obtain its PID using getpid(2). A PID is represented using the type `pid_t` (defined in `<sys/types.h>`).

PIDs are used in a range of system calls to identify the process affected by the call, for example: kill(2), ptrace(2), setpriority(2), setpgid(2), setsid(2), sigqueue(3), and waitpid(2).

A process's PID is preserved across an execve(2).

Parent process ID (PPID)

A process's parent process ID identifies the process that created this process using fork(2). A process can obtain its PPID using getppid(2). A PPID is represented using the type `pid_t`.

A process's PPID is preserved across an execve(2).

Process group ID and session ID

Each process has a session ID and a process group ID, both represented using the type `pid_t`. A process can obtain its session ID using getsid(2), and its process group ID using getpgrp(2).

A child created by fork(2) inherits its parent's session ID and process group ID. A process's session ID and process group ID are preserved across an execve(2).

Sessions and process groups are abstractions devised to support shell job control. A process group (sometimes called a "job") is a collection of processes that share the same process group ID; the shell creates a new process group for the process(es) used to execute single command or pipeline (e.g., the two processes created to execute the command `"ls | wc"` are placed in the same process group). A process's group membership can be set using setpgid(2). The process whose process ID is the same as its process group ID is the process group leader for that group.

A session is a collection of processes that share the same session ID. All of the members of a process group also have the same session ID. A new session is created when a process calls setsid(2), which creates a new session whose session ID is the same as the PID of the process that called it. The creator of the session is called the session leader.

All of the processes in a session share a controlling terminal. The controlling terminal is established when the session leader first opens a terminal (unless the `O_NOCTTY` flag is specified when calling open(2)). A terminal may be the controlling terminal of at most one session.

At most one of the jobs in a session may be the foreground job; other jobs in the session are background jobs. Only the foreground job may read from the terminal. Various system calls and library functions may operate on all members of a process group, including kill(2), killpg(3), getpriority(2), setpriority(2), and waitpid(2).

User and group identifiers

Each process has various associated user and group IDs, represented using the types `uid_t` and `gid_t` (defined in `<sys/types.h>`).

On Linux, each process has:

  • **Real user ID and real group ID**: Determine ownership of the process. Obtainable via getuid(2) and getgid(2).
  • **Effective user ID and effective group ID**: Used to determine permissions for accessing shared resources. Obtainable via geteuid(2) and getegid(2).
  • **Saved set-user-ID and saved set-group-ID**: Used in set-user-ID and set-group-ID programs.
  • **Filesystem user ID and filesystem group ID**: Used to determine file-access permissions; see path_resolution(7).
  • **Supplementary group IDs**: A set of additional group IDs used for permission checks. Obtainable via getgroups(2).

A child created by fork(2) inherits copies of its parent's user and group IDs. During an execve(2), the effective and saved set IDs may be changed, as described in execve(2).

Modifying process user and group IDs

Processes can modify user and group IDs using APIs like:

Changes to a process's effective user or group ID can affect its capabilities, as described in capabilities(7).

STANDARDS

Process IDs, parent process IDs, process group IDs, and session IDs are specified in POSIX.1. The real, effective, and saved set user and group IDs, and the supplementary group IDs, are also specified in POSIX.1. The filesystem user and group IDs are a Linux extension.

NOTES

Various fields in the `/proc/pid/status` file show the process credentials. See proc(5) for further information.

The POSIX threads specification requires credentials to be shared by all threads in a process. However, Linux maintains separate credentials for each thread at the kernel level.

SEE ALSO

bash(1), csh(1), id(1), ps(1), setuid(2), setgid(2), setgroups(2), setresuid(2), setresgid(2), capabilities(7), pid_namespaces(7), user_namespaces(7)

COLOPHON

This page is part of the Linux man-pages project. For bug reports or improvements, visit [1].

Sidslut

Orginalhemsidan på Engelska :https://man7.org/linux/man-pages/man7/capabilities.7.html

Det här är en maskinöversättning av Linux man sidor till svenska. Om du hittar fel är vi tacksamma om du rapporterar dem via formuläret som finns på https://www.linux.se/kontaka-linux-se/

Tack till Datorhjälp som har sponsrat Linux.se med webbhotell.

Sidslut

Orginalhemsidan på Engelska := Sidslut =

Orginalhemsidan på Engelska :https://man7.org/linux/man-pages/man7/capabilities.7.html

Det här är en maskinöversättning av Linux man sidor till svenska. Om du hittar fel är vi tacksamma om du rapporterar dem via formuläret som finns på https://www.linux.se/kontaka-linux-se/

Tack till Datorhjälp som har sponsrat Linux.se med webbhotell.

Det här är en maskinöversättning av Linux man sidor till svenska. Om du hittar fel är vi tacksamma om du rapporterar dem via formuläret som finns på https://www.linux.se/kontaka-linux-se/

Tack till Datorhjälp som har sponsrat Linux.se med webbhotell.

Hämtad från "https://wiki.linux.se/index.php?title=credentials(7)&oldid=6246"