p_candebug(9)
determine debuggability of a process
SYNOPSIS
In sys/param.h
In sys/proc.h
Ft int
Fn p_candebug struct thread *td struct proc *p
DESCRIPTION
This function can be used to determine if a given process
Fa p
is debuggable by the thread
Fa td .
SYSCTL VARIABLES
The following
sysctl(8)
variables directly influence the behaviour of
Fn p_candebug :
- kern.securelevel
-
Debugging of the init process is not allowed if this variable is
1
or greater.
- security.bsd.unprivileged_proc_debug
-
Must be set to a non-zero value to allow unprivileged processes
access to the kernel's debug facilities.
RETURN VALUES
The
Fn p_candebug
function
returns
0
if the process denoted by
Fa p
is debuggable by thread
Fa td ,
or a non-zero error return value otherwise.
ERRORS
- Bq Er EACCESS
-
The MAC subsystem denied debuggability.
- Bq Er EAGAIN
-
Process
Fa p
is in the process of being
Fn exec Ns 'ed.
- Bq Er EPERM
-
Thread
Fa td
lacks super-user credentials and process
Fa p
is executing a set-user-ID or set-group-ID executable.
- Bq Er EPERM
-
Thread
Fa td
lacks super-user credentials and process
Fa p Ns 's
group set is not a subset of
Fa td Ns 's
effective group set.
- Bq Er EPERM
-
Thread
Fa td
lacks super-user credentials and process
Fa p Ns 's
user IDs do not match thread
Fa td Ns 's
effective user ID.
- Bq Er EPERM
-
Process
Fa p
denotes the initial process
Fn initproc
and the
sysctl(8)
variable
kern.securelevel
is greater than zero.
- Bq Er ESRCH
-
Process
Fa p
is not visible to thread
Fa td
as determined by
cr_seeotheruids9
or
cr_seeothergids9.
- Bq Er ESRCH
-
Thread
Fa td
has been jailed and process
Fa p
does not belong to the same jail as
Fa td .
- Bq Er ESRCH
-
The MAC subsystem denied debuggability.
