1 .\"
2 .\" Sun Microsystems, Inc. gratefully acknowledges The Open Group for
3 .\" permission to reproduce portions of its copyrighted documentation.
4 .\" Original documentation from The Open Group can be obtained online at
5 .\" http://www.opengroup.org/bookstore/.
6 .\"
7 .\" The Institute of Electrical and Electronics Engineers and The Open
8 .\" Group, have given us permission to reprint portions of their
9 .\" documentation.
10 .\"
11 .\" In the following statement, the phrase ``this text'' refers to portions
12 .\" of the system documentation.
13 .\"
14 .\" Portions of this text are reprinted and reproduced in electronic form
15 .\" in the SunOS Reference Manual, from IEEE Std 1003.1, 2004 Edition,
16 .\" Standard for Information Technology -- Portable Operating System
17 .\" Interface (POSIX), The Open Group Base Specifications Issue 6,
18 .\" Copyright (C) 2001-2004 by the Institute of Electrical and Electronics
19 .\" Engineers, Inc and The Open Group. In the event of any discrepancy
20 .\" between these versions and the original IEEE and The Open Group
21 .\" Standard, the original IEEE and The Open Group Standard is the referee
22 .\" document. The original Standard can be obtained online at
23 .\" http://www.opengroup.org/unix/online.html.
24 .\"
25 .\" This notice shall appear on any product containing this material.
26 .\"
27 .\" The contents of this file are subject to the terms of the
28 .\" Common Development and Distribution License (the "License").
29 .\" You may not use this file except in compliance with the License.
30 .\"
31 .\" You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
32 .\" or http://www.opensolaris.org/os/licensing.
33 .\" See the License for the specific language governing permissions
34 .\" and limitations under the License.
35 .\"
36 .\" When distributing Covered Code, include this CDDL HEADER in each
37 .\" file and include the License file at usr/src/OPENSOLARIS.LICENSE.
38 .\" If applicable, add the following below this CDDL HEADER, with the
39 .\" fields enclosed by brackets "[]" replaced with your own identifying
40 .\" information: Portions Copyright [yyyy] [name of copyright owner]
41 .\"
42 .\"
43 .\" Copyright 1989 AT&T.
44 .\" Portions Copyright (c) 1992, X/Open Company Limited. All Rights Reserved.
45 .\" Copyright (c) 2008, Sun Microsystems, Inc. All Rights Reserved.
46 .\" Copyright 2015, Joyent, Inc.
47 .\"
48 .TH EXEC 2 "Oct 27, 2015"
49 .SH NAME
50 exec, execl, execle, execlp, execv, execve, execvp \- execute a file
51 .SH SYNOPSIS
52 .LP
53 .nf
54 #include <unistd.h>
55
56 \fBint\fR \fBexecl\fR(\fBconst char *\fR\fIpath\fR, \fBconst char *\fR\fIarg0\fR, \fB\&...
57 /* const char *\fR\fIargn\fR, \fB(char *)0 */);\fR
58 .fi
59
60 .LP
61 .nf
62 \fBint\fR \fBexecv\fR(\fBconst char *\fR\fIpath\fR, \fBchar *const\fR \fIargv[]\fR);
63 .fi
64
65 .LP
66 .nf
67 \fBint\fR \fBexecle\fR(\fBconst char *\fR\fIpath\fR, \fBconst char *\fR\fIarg0\fR, \fB\&...
68 /* const char *\fR\fIargn\fR, \fB(char *)0\fR,\fBchar *const\fR \fIenvp\fR[]*/);
69 .fi
70
71 .LP
72 .nf
73 \fBint\fR \fBexecve\fR(\fBconst char *\fR\fIpath\fR, \fBchar *const\fR \fIargv[]\fR,
74 \fBchar *const\fR \fIenvp[]\fR);
75 .fi
76
77 .LP
78 .nf
79 \fBint\fR \fBexeclp\fR(\fBconst char *\fR\fIfile\fR, \fBconst char *\fR\fIarg0\fR, \fB\&...
80 /* const char *\fR\fIargn\fR, \fB(char *)0 */);\fR
81 .fi
82
83 .LP
84 .nf
85 \fBint\fR \fBexecvp\fR(\fBconst char *\fR\fIfile\fR, \fBchar *const\fR \fIargv[]\fR);
86 .fi
87
88 .SH DESCRIPTION
89 .LP
90 Each of the functions in the \fBexec\fR family replaces the current process
91 image with a new process image. The new image is constructed from a regular,
92 executable file called the \fBnew process image file\fR. This file is either an
93 executable object file or a file of data for an interpreter. There is no return
94 from a successful call to one of these functions because the calling process
95 image is overlaid by the new process image.
96 .sp
97 .LP
98 An interpreter file begins with a line of the form
99 .sp
100 .in +2
101 .nf
102 #! pathname [\fIarg\fR]
103 .fi
104 .in -2
105
106 .sp
107 .LP
108 where \fIpathname\fR is the path of the interpreter, and \fIarg\fR is an
109 optional argument. When an interpreter file is executed, the system invokes the
110 specified interpreter. The pathname specified in the interpreter file is passed
111 as \fIarg0\fR to the interpreter. If \fIarg\fR was specified in the interpreter
112 file, it is passed as \fIarg1\fR to the interpreter. The remaining arguments to
113 the interpreter are \fIarg0\fR through \fIargn\fR of the originally exec'd
114 file. The interpreter named by \fIpathname\fR may also be an interpreter file.
115 There can be up to four nested interpreter files before the final interpreter.
116 The setid bits on nested interpreters are silently ignored.
117 .sp
118 .LP
119 When a C-language program is executed as a result of this call, it is entered
120 as a C-language function call as follows:
121 .sp
122 .in +2
123 .nf
124 int main (int argc, char *argv[]);
125 .fi
126 .in -2
127
128 .sp
129 .LP
130 where \fIargc\fR is the argument count and \fIargv\fR is an array of character
131 pointers to the arguments themselves. In addition, the following variable:
132 .sp
133 .in +2
134 .nf
135 extern char **environ;
136 .fi
137 .in -2
138
139 .sp
140 .LP
141 is initialized as a pointer to an array of character pointers to the
142 environment strings. The \fIargv\fR and \fIenviron\fR arrays are each
143 terminated by a null pointer. The null pointer terminating the \fIargv\fR array
144 is not counted in \fIargc\fR.
145 .sp
146 .LP
147 The value of \fIargc\fR is non-negative, and if greater than 0, \fIargv\fR[0]
148 points to a string containing the name of the file. If \fIargc\fR is 0,
149 \fIargv\fR[0] is a null pointer, in which case there are no arguments.
150 Applications should verify that \fIargc\fR is greater than 0 or that
151 \fIargv\fR[0] is not a null pointer before dereferencing \fIargv\fR[0].
152 .sp
153 .LP
154 The arguments specified by a program with one of the \fBexec\fR functions are
155 passed on to the new process image in the \fBmain()\fR arguments.
156 .sp
157 .LP
158 The \fIpath\fR argument points to a path name that identifies the new process
159 image file.
160 .sp
161 .LP
162 The \fIfile\fR argument is used to construct a pathname that identifies the new
163 process image file. If the \fIfile\fR argument contains a slash character, it
164 is used as the pathname for this file. Otherwise, the path prefix for this file
165 is obtained by a search of the directories passed in the \fBPATH\fR environment
166 variable (see \fBenviron\fR(5)). The environment is supplied typically by the
167 shell. If the process image file is not a valid executable object file,
168 \fBexeclp()\fR and \fBexecvp()\fR use the contents of that file as standard
169 input to the shell. In this case, the shell becomes the new process image. The
170 standard to which the caller conforms determines which shell is used. See
171 \fBstandards\fR(5).
172 .sp
173 .LP
174 The arguments represented by \fIarg0\fR\&.\|.\|. are pointers to
175 null-terminated character strings. These strings constitute the argument list
176 available to the new process image. The list is terminated by a null pointer.
177 The \fIarg0\fR argument should point to a filename that is associated with the
178 process being started by one of the \fBexec\fR functions.
179 .sp
180 .LP
181 The \fIargv\fR argument is an array of character pointers to null-terminated
182 strings. The last member of this array must be a null pointer. These strings
183 constitute the argument list available to the new process image. The value in
184 \fIargv\fR[0] should point to a filename that is associated with the process
185 being started by one of the \fBexec\fR functions.
186 .sp
187 .LP
188 The \fIenvp\fR argument is an array of character pointers to null-terminated
189 strings. These strings constitute the environment for the new process image.
190 The \fIenvp\fR array is terminated by a null pointer. For \fBexecl()\fR,
191 \fBexecv()\fR, \fBexecvp()\fR, and \fBexeclp()\fR, the C-language run-time
192 start-off routine places a pointer to the environment of the calling process in
193 the global object \fBextern char **environ\fR, and it is used to pass the
194 environment of the calling process to the new process image.
195 .sp
196 .LP
197 The number of bytes available for the new process's combined argument and
198 environment lists is \fBARG_MAX\fR. It is implementation-dependent whether null
199 terminators, pointers, and/or any alignment bytes are included in this total.
200 .sp
201 .LP
202 File descriptors open in the calling process image remain open in the new
203 process image, except for those whose close-on-exec flag \fBFD_CLOEXEC\fR is
204 set; see \fBfcntl\fR(2). For those file descriptors that remain open, all
205 attributes of the open file description, including file locks, remain
206 unchanged.
207 .sp
208 .LP
209 The preferred hardware address translation size (see \fBmemcntl\fR(2)) for the
210 stack and heap of the new process image are set to the default system page
211 size.
212 .sp
213 .LP
214 Directory streams open in the calling process image are closed in the new
215 process image.
216 .sp
217 .LP
218 The state of conversion descriptors and message catalogue descriptors in the
219 new process image is undefined. For the new process, the equivalent of:
220 .sp
221 .in +2
222 .nf
223 setlocale(LC_ALL, "C")
224 .fi
225 .in -2
226
227 .sp
228 .LP
229 is executed at startup.
230 .sp
231 .LP
232 Signals set to the default action (\fBSIG_DFL\fR) in the calling process image
233 are set to the default action in the new process image (see \fBsignal\fR(3C)).
234 Signals set to be ignored (\fBSIG_IGN\fR) by the calling process image are set
235 to be ignored by the new process image. Signals set to be caught by the calling
236 process image are set to the default action in the new process image (see
237 \fBsignal.h\fR(3HEAD)). After a successful call to any of the \fBexec\fR
238 functions, alternate signal stacks are not preserved and the \fBSA_ONSTACK\fR
239 flag is cleared for all signals.
240 .sp
241 .LP
242 After a successful call to any of the \fBexec\fR functions, any functions
243 previously registered by \fBatexit\fR(3C) are no longer registered.
244 .sp
245 .LP
246 The saved resource limits in the new process image are set to be a copy of the
247 process's corresponding hard and soft resource limits.
248 .sp
249 .LP
250 If the \fBST_NOSUID\fR bit is set for the file system containing the new
251 process image file, then the effective user \fBID\fR and effective group
252 \fBID\fR are unchanged in the new process image. If the set-user-\fBID\fR mode
253 bit of the new process image file is set (see \fBchmod\fR(2)), the effective
254 user \fBID\fR of the new process image is set to the owner \fBID\fR of the new
255 process image file. Similarly, if the set-group-\fBID\fR mode bit of the new
256 process image file is set, the effective group \fBID\fR of the new process
257 image is set to the group \fBID\fR of the new process image file. The real user
258 \fBID\fR and real group \fBID\fR of the new process image remain the same as
259 those of the calling process image. The effective user ID and effective group
260 ID of the new process image are saved (as the saved set-user-ID and the saved
261 set-group-ID for use by \fBsetuid\fR(2).
262 .sp
263 .LP
264 The privilege sets are changed according to the following rules:
265 .RS +4
266 .TP
267 1.
268 The inheritable set, I, is intersected with the limit set, L. This
269 mechanism enforces the limit set for processes.
270 .RE
271 .RS +4
272 .TP
273 2.
274 The effective set, E, and the permitted set, P, are made equal to the new
275 inheritable set.
276 .RE
277 .sp
278 .LP
279 The system attempts to set the privilege-aware state to non-PA both before
280 performing any modifications to the process IDs and privilege sets as well as
281 after completing the transition to new UIDs and privilege sets, following the
282 rules outlined in \fBprivileges\fR(5).
283 .sp
284 .LP
285 If the {\fBPRIV_PROC_OWNER\fR} privilege is asserted in the effective set, the
286 set-user-ID and set-group-ID bits will be honored when the process is being
287 controlled by \fBptrace\fR(3C). Additional restriction can apply when the
288 traced process has an effective UID of 0. See \fBprivileges\fR(5).
289 .sp
290 .LP
291 Any shared memory segments attached to the calling process image will not be
292 attached to the new process image (see \fBshmop\fR(2)). Any mappings
293 established through \fBmmap()\fR are not preserved across an \fBexec\fR. Memory
294 mappings created in the process are unmapped before the address space is
295 rebuilt for the new process image. See \fBmmap\fR(2).
296 .sp
297 .LP
298 Memory locks established by the calling process via calls to \fBmlockall\fR(3C)
299 or \fBmlock\fR(3C) are removed. If locked pages in the address space of the
300 calling process are also mapped into the address spaces the locks established
301 by the other processes will be unaffected by the call by this process to the
302 \fBexec\fR function. If the \fBexec\fR function fails, the effect on memory
303 locks is unspecified.
304 .sp
305 .LP
306 If \fB_XOPEN_REALTIME\fR is defined and has a value other than \(mi1, any named
307 semaphores open in the calling process are closed as if by appropriate calls to
308 \fBsem_close\fR(3C)
309 .sp
310 .LP
311 Profiling is disabled for the new process; see \fBprofil\fR(2).
312 .sp
313 .LP
314 Timers created by the calling process with \fBtimer_create\fR(3C) are deleted
315 before replacing the current process image with the new process image.
316 .sp
317 .LP
318 For the \fBSCHED_FIFO\fR and \fBSCHED_RR\fR scheduling policies, the policy and
319 priority settings are not changed by a call to an \fBexec\fR function.
320 .sp
321 .LP
322 All open message queue descriptors in the calling process are closed, as
323 described in \fBmq_close\fR(3C).
324 .sp
325 .LP
326 Any outstanding asynchronous I/O operations may be cancelled. Those
327 asynchronous I/O operations that are not canceled will complete as if the
328 \fBexec\fR function had not yet occurred, but any associated signal
329 notifications are suppressed. It is unspecified whether the \fBexec\fR function
330 itself blocks awaiting such I/O completion. In no event, however, will the new
331 process image created by the \fBexec\fR function be affected by the presence of
332 outstanding asynchronous I/O operations at the time the \fBexec\fR function is
333 called.
334 .sp
335 .LP
336 All active contract templates are cleared (see \fBcontract\fR(4)).
337 .sp
338 .LP
339 The new process also inherits the following attributes from the calling
340 process:
341 .RS +4
342 .TP
343 .ie t \(bu
344 .el o
345 controlling terminal
346 .RE
347 .RS +4
348 .TP
349 .ie t \(bu
350 .el o
351 current working directory
352 .RE
353 .RS +4
354 .TP
355 .ie t \(bu
356 .el o
357 file-locks (see \fBfcntl\fR(2) and \fBlockf\fR(3C))
358 .RE
359 .RS +4
360 .TP
361 .ie t \(bu
362 .el o
363 file mode creation mask (see \fBumask\fR(2))
364 .RE
365 .RS +4
366 .TP
367 .ie t \(bu
368 .el o
369 file size limit (see \fBulimit\fR(2))
370 .RE
371 .RS +4
372 .TP
373 .ie t \(bu
374 .el o
375 limit privilege set
376 .RE
377 .RS +4
378 .TP
379 .ie t \(bu
380 .el o
381 nice value (see \fBnice\fR(2))
382 .RE
383 .RS +4
384 .TP
385 .ie t \(bu
386 .el o
387 parent process \fBID\fR
388 .RE
389 .RS +4
390 .TP
391 .ie t \(bu
392 .el o
393 pending signals (see \fBsigpending\fR(2))
394 .RE
395 .RS +4
396 .TP
397 .ie t \(bu
398 .el o
399 privilege debugging flag (see \fBprivileges\fR(5) and \fBgetpflags\fR(2))
400 .RE
401 .RS +4
402 .TP
403 .ie t \(bu
404 .el o
405 process \fBID\fR
406 .RE
407 .RS +4
408 .TP
409 .ie t \(bu
410 .el o
411 process contract (see \fBcontract\fR(4) and \fBprocess\fR(4))
412 .RE
413 .RS +4
414 .TP
415 .ie t \(bu
416 .el o
417 process group \fBID\fR
418 .RE
419 .RS +4
420 .TP
421 .ie t \(bu
422 .el o
423 process signal mask (see \fBsigprocmask\fR(2))
424 .RE
425 .RS +4
426 .TP
427 .ie t \(bu
428 .el o
429 processor bindings (see \fBprocessor_bind\fR(2))
430 .RE
431 .RS +4
432 .TP
433 .ie t \(bu
434 .el o
435 processor set bindings (see \fBpset_bind\fR(2))
436 .RE
437 .RS +4
438 .TP
439 .ie t \(bu
440 .el o
441 project \fBID\fR
442 .RE
443 .RS +4
444 .TP
445 .ie t \(bu
446 .el o
447 real group \fBID\fR
448 .RE
449 .RS +4
450 .TP
451 .ie t \(bu
452 .el o
453 real user \fBID\fR
454 .RE
455 .RS +4
456 .TP
457 .ie t \(bu
458 .el o
459 resource limits (see \fBgetrlimit\fR(2))
460 .RE
461 .RS +4
462 .TP
463 .ie t \(bu
464 .el o
465 root directory
466 .RE
467 .RS +4
468 .TP
469 .ie t \(bu
470 .el o
471 scheduler class and priority (see \fBpriocntl\fR(2))
472 .RE
473 .RS +4
474 .TP
475 .ie t \(bu
476 .el o
477 \fBsemadj\fR values (see \fBsemop\fR(2))
478 .RE
479 .RS +4
480 .TP
481 .ie t \(bu
482 .el o
483 session membership (see \fBexit\fR(2) and \fBsignal\fR(3C))
484 .RE
485 .RS +4
486 .TP
487 .ie t \(bu
488 .el o
489 supplementary group \fBIDs\fR
490 .RE
491 .RS +4
492 .TP
493 .ie t \(bu
494 .el o
495 task \fBID\fR
496 .RE
497 .RS +4
498 .TP
499 .ie t \(bu
500 .el o
501 time left until an alarm clock signal (see \fBalarm\fR(2))
502 .RE
503 .RS +4
504 .TP
505 .ie t \(bu
506 .el o
507 \fBtms_utime\fR, \fBtms_stime\fR, \fBtms_cutime\fR, and \fBtms_cstime\fR (see
508 \fBtimes\fR(2))
509 .RE
510 .RS +4
511 .TP
512 .ie t \(bu
513 .el o
514 trace flag (see \fBptrace\fR(3C) request 0)
515 .RE
516 .sp
517 .LP
518 A call to any \fBexec\fR function from a process with more than one thread
519 results in all threads being terminated and the new executable image being
520 loaded and executed. No destructor functions will be called.
521 .sp
522 .LP
523 Upon successful completion, each of the functions in the \fBexec\fR family
524 marks for update the \fBst_atime\fR field of the file. If an \fBexec\fR
525 function failed but was able to locate the \fBprocess image file\fR, whether
526 the \fBst_atime\fR field is marked for update is unspecified. Should the
527 function succeed, the process image file is considered to have been opened with
528 \fBopen\fR(2). The corresponding \fBclose\fR(2) is considered to occur at a
529 time after this open, but before process termination or successful completion
530 of a subsequent call to one of the \fBexec\fR functions. The \fIargv\fR[\|] and
531 \fIenvp\fR[\|] arrays of pointers and the strings to which those arrays point
532 will not be modified by a call to one of the \fBexec\fR functions, except as a
533 consequence of replacing the process image.
534 .sp
535 .LP
536 The saved resource limits in the new process image are set to be a copy of the
537 process's corresponding hard and soft limits.
538 .SH RETURN VALUES
539 .LP
540 If a function in the \fBexec\fR family returns to the calling process image, an
541 error has occurred; the return value is \fB\(mi1\fR and \fBerrno\fR is set to
542 indicate the error.
543 .SH ERRORS
544 .LP
545 The \fBexec\fR functions will fail if:
546 .sp
547 .ne 2
548 .na
549 \fB\fBE2BIG\fR\fR
550 .ad
551 .RS 16n
552 The number of bytes in the new process's argument list is greater than the
553 system-imposed limit of {\fBARG_MAX\fR} bytes. The argument list limit is sum
554 of the size of the argument list plus the size of the environment's exported
555 shell variables.
556 .RE
557
558 .sp
559 .ne 2
560 .na
561 \fB\fBEACCES\fR\fR
562 .ad
563 .RS 16n
564 Search permission is denied for a directory listed in the new process file's
565 path prefix.
566 .sp
567 The new process file is not an ordinary file.
568 .sp
569 The new process file mode denies execute permission.
570 .sp
571 The {\fBFILE_DAC_SEARCH\fR} privilege overrides the restriction on directory
572 searches.
573 .sp
574 The {\fBFILE_DAC_EXECUTE\fR} privilege overrides the lack of execute
575 permission.
576 .RE
577
578 .sp
579 .ne 2
580 .na
581 \fB\fBEAGAIN\fR\fR
582 .ad
583 .RS 16n
584 Total amount of system memory available when reading using raw I/O is
585 temporarily insufficient.
586 .RE
587
588 .sp
589 .ne 2
590 .na
591 \fB\fBEFAULT\fR\fR
592 .ad
593 .RS 16n
594 An argument points to an illegal address.
595 .RE
596
597 .sp
598 .ne 2
599 .na
600 \fB\fBEINVAL\fR\fR
601 .ad
602 .RS 16n
603 The new process image file has the appropriate permission and has a recognized
604 executable binary format, but the system does not support execution of a file
605 with this format.
606 .RE
607
608 .sp
609 .ne 2
610 .na
611 \fB\fBEINTR\fR\fR
612 .ad
613 .RS 16n
614 A signal was caught during the execution of one of the functions in the
615 \fIexec\fR family.
616 .RE
617
618 .sp
619 .ne 2
620 .na
621 \fB\fBELOOP\fR\fR
622 .ad
623 .RS 16n
624 Too many symbolic links were encountered in translating \fIpath\fR or
625 \fIfile\fR, or too many nested interpreter files.
626 .RE
627
628 .sp
629 .ne 2
630 .na
631 \fB\fBENAMETOOLONG\fR\fR
632 .ad
633 .RS 16n
634 The length of the \fIfile\fR or \fIpath\fR argument exceeds {\fBPATH_MAX\fR},
635 or the length of a \fIfile\fR or \fIpath\fR component exceeds {\fBNAME_MAX\fR}
636 while {\fB_POSIX_NO_TRUNC\fR} is in effect.
637 .RE
638
639 .sp
640 .ne 2
641 .na
642 \fB\fBENOENT\fR\fR
643 .ad
644 .RS 16n
645 One or more components of the new process path name of the file do not exist or
646 is a null pathname.
647 .RE
648
649 .sp
650 .ne 2
651 .na
652 \fB\fBENOLINK\fR\fR
653 .ad
654 .RS 16n
655 The \fIpath\fR argument points to a remote machine and the link to that machine
656 is no longer active.
657 .RE
658
659 .sp
660 .ne 2
661 .na
662 \fB\fBENOTDIR\fR\fR
663 .ad
664 .RS 16n
665 A component of the new process path of the file prefix is not a directory.
666 .RE
667
668 .sp
669 .LP
670 The \fBexec\fR functions, except for \fBexeclp()\fR and \fBexecvp()\fR, will
671 fail if:
672 .sp
673 .ne 2
674 .na
675 \fB\fBENOEXEC\fR\fR
676 .ad
677 .RS 11n
678 The new process image file has the appropriate access permission but is not in
679 the proper format.
680 .RE
681
682 .sp
683 .LP
684 The \fBexec\fR functions may fail if:
685 .sp
686 .ne 2
687 .na
688 \fB\fBENAMETOOLONG\fR\fR
689 .ad
690 .RS 16n
691 Pathname resolution of a symbolic link produced an intermediate result whose
692 length exceeds {\fBPATH_MAX\fR}.
693 .RE
694
695 .sp
696 .ne 2
697 .na
698 \fB\fBENOMEM\fR\fR
699 .ad
700 .RS 16n
701 The new process image requires more memory than is allowed by the hardware or
702 system-imposed by memory management constraints. See \fBbrk\fR(2).
703 .RE
704
705 .sp
706 .ne 2
707 .na
708 \fB\fBETXTBSY\fR\fR
709 .ad
710 .RS 16n
711 The new process image file is a pure procedure (shared text) file that is
712 currently open for writing by some process.
713 .RE
714
715 .SH USAGE
716 .LP
717 As the state of conversion descriptors and message catalogue descriptors in the
718 new process image is undefined, portable applications should not rely on their
719 use and should close them prior to calling one of the \fBexec\fR functions.
720 .sp
721 .LP
722 Applications that require other than the default POSIX locale should call
723 \fBsetlocale\fR(3C) with the appropriate parameters to establish the locale of
724 thenew process.
725 .sp
726 .LP
727 The \fIenviron\fR array should not be accessed directly by the application.
728 .SH ATTRIBUTES
729 .LP
730 See \fBattributes\fR(5) for descriptions of the following attributes:
731 .sp
732
733 .sp
734 .TS
735 box;
736 c | c
737 l | l .
738 ATTRIBUTE TYPE ATTRIBUTE VALUE
739 _
740 Interface Stability Committed
741 _
742 MT-Level See below.
743 _
744 Standard See \fBstandards\fR(5).
745 .TE
746
747 .sp
748 .LP
749 The \fBexecle()\fR and \fBexecve()\fR functions are Async-Signal-Safe.
750 .SH SEE ALSO
751 .LP
752 \fBksh\fR(1), \fBps\fR(1), \fBsh\fR(1), \fBalarm\fR(2), \fBbrk\fR(2),
753 \fBchmod\fR(2), \fBexit\fR(2), \fBfcntl\fR(2), \fBfork\fR(2),
754 \fBgetpflags\fR(2), \fBgetrlimit\fR(2), \fBmemcntl\fR(2), \fBmmap\fR(2),
755 \fBnice\fR(2), \fBpriocntl\fR(2), \fBprofil\fR(2), \fBsemop\fR(2),
756 \fBshmop\fR(2), \fBsigpending\fR(2), \fBsigprocmask\fR(2), \fBtimes\fR(2),
757 \fBumask\fR(2), \fBlockf\fR(3C), \fBptrace\fR(3C), \fBsetlocale\fR(3C),
758 \fBsignal\fR(3C), \fBsystem\fR(3C), \fBtimer_create\fR(3C), \fBa.out\fR(4),
759 \fBcontract\fR(4), \fBprocess\fR(4), \fBattributes\fR(5), \fBenviron\fR(5),
760 \fBprivileges\fR(5), \fBstandards\fR(5)
761 .SH WARNINGS
762 .LP
763 If a program is \fBsetuid\fR to a user \fBID\fR other than the superuser, and
764 the program is executed when the real user \fBID\fR is super-user, then the
765 program has some of the powers of a super-user as well.