p_candebug (9)

Leading comments

Copyright (c) 2003 Joseph Koshy <jkoshy@FreeBSD.org>

All rights reserved.

This program is free software.

Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
   notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright
   notice, this list of conditions and the fol...

(The comments found at the beginning of the groff file "man9/p_candebug.9freebsd".)

NAME

p_candebug - determine debuggability of a process

SYNOPSIS

In sys/param.h In sys/proc.h Ft int Fn p_candebug struct thread *td struct proc *p

DESCRIPTION

This function can be used to determine if a given process Fa p is debuggable by the thread Fa td .

SYSCTL VARIABLES

The following sysctl(8) variables directly influence the behaviour of Fn p_candebug :

kern.securelevel

Debugging of the init process is not allowed if this variable is 1 or greater.

security.bsd.unprivileged_proc_debug

Must be set to a non-zero value to allow unprivileged processes access to the kernel's debug facilities.

RETURN VALUES

The Fn p_candebug function returns 0 if the process denoted by Fa p is debuggable by thread Fa td , or a non-zero error return value otherwise.

ERRORS

Bq Er EACCESS

The MAC subsystem denied debuggability.

Bq Er EAGAIN

Process Fa p is in the process of being Fn exec Ns 'ed.

Bq Er EPERM

Thread Fa td lacks super-user credentials and process Fa p is executing a set-user-ID or set-group-ID executable.

Bq Er EPERM

Thread Fa td lacks super-user credentials and process Fa p Ns 's group set is not a subset of Fa td Ns 's effective group set.

Bq Er EPERM

Thread Fa td lacks super-user credentials and process Fa p Ns 's user IDs do not match thread Fa td Ns 's effective user ID.

Bq Er EPERM

Process Fa p denotes the initial process Fn initproc and the sysctl(8) variable kern.securelevel is greater than zero.

Bq Er ESRCH

Process Fa p is not visible to thread Fa td as determined by cr_seeotheruids9 or cr_seeothergids9.

Bq Er ESRCH

Thread Fa td has been jailed and process Fa p does not belong to the same jail as Fa td .

Bq Er ESRCH

The MAC subsystem denied debuggability.

SEE ALSO

jail(2), sysctl(8), cr_seeothergids9, cr_seeotheruids9, mac(9), p_cansee9, prison_check9