p_candebug(9) determine debuggability of a process

SYNOPSIS

In sys/param.h In sys/proc.h Ft int Fn p_candebug struct thread *td struct proc *p

DESCRIPTION

This function can be used to determine if a given process Fa p is debuggable by the thread Fa td .

SYSCTL VARIABLES

The following sysctl(8) variables directly influence the behaviour of Fn p_candebug :

kern.securelevel
Debugging of the init process is not allowed if this variable is 1 or greater.
security.bsd.unprivileged_proc_debug
Must be set to a non-zero value to allow unprivileged processes access to the kernel's debug facilities.

RETURN VALUES

The Fn p_candebug function returns 0 if the process denoted by Fa p is debuggable by thread Fa td , or a non-zero error return value otherwise.

ERRORS

Bq Er EACCESS
The MAC subsystem denied debuggability.
Bq Er EAGAIN
Process Fa p is in the process of being Fn exec Ns 'ed.
Bq Er EPERM
Thread Fa td lacks super-user credentials and process Fa p is executing a set-user-ID or set-group-ID executable.
Bq Er EPERM
Thread Fa td lacks super-user credentials and process Fa p Ns 's group set is not a subset of Fa td Ns 's effective group set.
Bq Er EPERM
Thread Fa td lacks super-user credentials and process Fa p Ns 's user IDs do not match thread Fa td Ns 's effective user ID.
Bq Er EPERM
Process Fa p denotes the initial process Fn initproc and the sysctl(8) variable kern.securelevel is greater than zero.
Bq Er ESRCH
Process Fa p is not visible to thread Fa td as determined by cr_seeotheruids9 or cr_seeothergids9.
Bq Er ESRCH
Thread Fa td has been jailed and process Fa p does not belong to the same jail as Fa td .
Bq Er ESRCH
The MAC subsystem denied debuggability.