Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
EXECVE(2)		  FreeBSD System Calls Manual		     EXECVE(2)

     execve -- execute a file

     #include <unistd.h>

     execve(const char *path, char *const argv[], char *const envp[]);

     execve() transforms the calling process into a new	process.  The new
     process is	constructed from an ordinary file, whose name is pointed to by
     path, called the new process file.	 This file is either an	executable ob-
     ject file,	or a file of data for an interpreter.  An executable object
     file consists of an identifying header, followed by pages of data repre-
     senting the initial program (text)	and initialized	data pages.  Addi-
     tional pages may be specified by the header to be initialized with	zero
     data; see elf(5).

     An	interpreter file begins	with a line of the form:

	   #! interpreter [arg]

     When an interpreter file is passed	to execve() the	system instead calls
     execve() with the specified interpreter.  If the optional arg is speci-
     fied, it becomes the first	argument to the	interpreter, and the original
     path becomes the second argument; otherwise, path becomes the first argu-
     ment.  The	original arguments are shifted over to become the subsequent
     arguments.	 The zeroth argument, normally the name	of the file being exe-
     cuted, is left unchanged.

     The argument argv is a pointer to a null-terminated array of character
     pointers to NUL-terminated	character strings.  These strings construct
     the argument list to be made available to the new process.	 At least one
     non-null argument must be present in the array; by	custom,	the first ele-
     ment should be the	name of	the executed program (for example, the last
     component of path).

     The argument envp is also a pointer to a null-terminated array of charac-
     ter pointers to NUL-terminated strings.  A	pointer	to this	array is nor-
     mally stored in the global	variable environ.  These strings pass informa-
     tion to the new process that is not directly an argument to the command
     (see environ(7)).

     File descriptors open in the calling process image	remain open in the new
     process image, except for those for which the close-on-exec flag is set
     (see close(2) and fcntl(2)).  Descriptors that remain open	are unaffected
     by	execve().  In the case of a new	setuid or setgid executable being exe-
     cuted, if file descriptors	0, 1, or 2 (representing stdin,	stdout,	and
     stderr) are currently unallocated,	these descriptors will be opened to
     point to some system file like /dev/null.	The intent is to ensure	these
     descriptors are not unallocated, since many libraries make	assumptions
     about the use of these 3 file descriptors.

     Signals set to be ignored in the calling process, with the	exception of
     SIGCHLD, are set to be ignored in the new process.	 Other signals are set
     to	default	action in the new process image.  Blocked signals remain
     blocked regardless	of changes to the signal action.  The signal stack is
     reset to be undefined (see	sigaction(2) for more information).

     If	the set-user-ID	mode bit of the	new process image file is set (see
     chmod(2)),	the effective user ID of the new process image is set to the
     owner ID of the new process image file.  If the set-group-ID mode bit of
     the new process image file	is set,	the effective group ID of the new
     process image is set to the group ID of the new process image file.  (The
     effective group ID	is the first element of	the group list.)  The real
     user ID, real group ID and	other group IDs	of the new process image re-
     main the same as the calling process image.  After	any set-user-ID	and
     set-group-ID processing, the effective user ID is recorded	as the saved
     set-user-ID, and the effective group ID is	recorded as the	saved set-
     group-ID.	These values may be used in changing the effective IDs later
     (see setuid(2)).  The set-user-ID and set-group-ID	bits have no effect if
     the new process image file	is located on a	file system mounted with the
     nosuid flag.  The process will be started without the new permissions.

     The new process also inherits the following attributes from the calling

	   process ID	      see getpid(2)
	   parent process ID  see getppid(2)
	   process group ID   see getpgrp(2)
	   session ID	      see getsid(2)
	   access groups      see getgroups(2)
	   working directory  see chdir(2)
	   root	directory     see chroot(2)
	   control terminal   see termios(4)
	   resource usages    see getrusage(2)
	   interval timers    see getitimer(2) (unless process image file is
			      setuid or	setgid,	in which case all timers are
	   resource limits    see getrlimit(2)
	   file	mode mask     see umask(2)
	   signal mask	      see sigaction(2),	sigprocmask(2)

     When a program is executed	as a result of an execve() call, it is entered
     as	follows:

	   main(int argc, char **argv, char **envp)

     where argc	is the number of elements in argv (the "arg count") and	argv
     points to the array of character pointers to the arguments	themselves.

     As	the execve() function overlays the current process image with a	new
     process image the successful call has no process to return	to.  If
     execve() does return to the calling process an error has occurred;	the
     return value will be -1 and the global variable errno is set to indicate
     the error.

     execve() will fail	and return to the calling process if:

     [ENOTDIR]		A component of the path	prefix is not a	directory.

     [ENAMETOOLONG]	A component of a pathname exceeded NAME_MAX charac-
			ters, or an entire pathname (including the terminating
			NUL) exceeded PATH_MAX bytes.

     [ENOENT]		The new	process	file does not exist.

     [ELOOP]		Too many symbolic links	were encountered in translat-
			ing the	pathname.

     [EACCES]		Search permission is denied for	a component of the
			path prefix.

     [EACCES]		The new	process	file is	not an ordinary	file.

     [EACCES]		The new	process	file mode denies execute permission.

     [EACCES]		The new	process	file is	on a filesystem	mounted	with
			execution disabled (MNT_NOEXEC in <sys/mount.h>).

     [EACCES]		The new	process	file is	marked with ld(1) -z wxneeded
			to perform W^X violating operations, but it is located
			on a file system not allowing such operations, being
			mounted	without	the mount(8) -o	wxallowed flag.

     [EACCES]		The parent used	pledge(2) to declare an	execpromise,
			and that is not	permitted for setuid or	setgid images.

     [ENOEXEC]		The new	process	file has the appropriate access	per-
			mission, but has an invalid magic number in its

     [ETXTBSY]		The new	process	file is	a pure procedure (shared text)
			file that is currently open for	writing	by some

     [ENOMEM]		The new	process	requires more virtual memory than is
			allowed	by the imposed maximum (getrlimit(2)).

     [E2BIG]		The number of bytes in the new process's argument list
			is larger than the system-imposed limit.  The limit in
			the system as released is 524288 bytes (ARG_MAX).

     [EFAULT]		The new	process	file is	not as long as indicated by
			the size values	in its header.

     [EFAULT]		path, argv, or envp point to an	illegal	address.

     [EINVAL]		argv did not contain at	least one element.

     [EIO]		An I/O error occurred while reading from the file sys-

     [ENFILE]		During startup of an interpreter, the system file ta-
			ble was	found to be full.

     _exit(2), fork(2),	execl(3), exit(3), elf(5), environ(7)

     The execve() function is expected to conform to IEEE Std 1003.1-2008

     The predecessor of	these functions, the former exec() system call,	first
     appeared in Version 1 AT&T	UNIX.  The execve() function first appeared in
     Version 7 AT&T UNIX.

     If	a program is setuid to a non-superuser,	but is executed	when the real
     uid is "root", then the process has some of the powers of a superuser as

     IEEE Std 1003.1-2008 ("POSIX.1") permits execve to	leave SIGCHLD as ig-
     nored in the new process; portable	programs cannot	rely on	execve reset-
     ting it to	the default disposition.

FreeBSD	13.0			April 10, 2020			  FreeBSD 13.0


Want to link to this manual page? Use this URL:

home | help