SYNOPSIS
In sys/param.h In sys/proc.h Ft int Fn p_candebug struct thread *td struct proc *pDESCRIPTION
This function can be used to determine if a given process Fa p is debuggable by the thread Fa td .SYSCTL VARIABLES
The following sysctl(8) variables directly influence the behaviour of Fn p_candebug :- kern.securelevel
- Debugging of the init process is not allowed if this variable is 1 or greater.
- security.bsd.unprivileged_proc_debug
- Must be set to a non-zero value to allow unprivileged processes access to the kernel's debug facilities.
RETURN VALUES
The Fn p_candebug function returns 0 if the process denoted by Fa p is debuggable by thread Fa td , or a non-zero error return value otherwise.ERRORS
- Bq Er EACCESS
- The MAC subsystem denied debuggability.
- Bq Er EAGAIN
- Process Fa p is in the process of being Fn exec Ns 'ed.
- Bq Er EPERM
- Thread Fa td lacks super-user credentials and process Fa p is executing a set-user-ID or set-group-ID executable.
- Bq Er EPERM
- Thread Fa td lacks super-user credentials and process Fa p Ns 's group set is not a subset of Fa td Ns 's effective group set.
- Bq Er EPERM
- Thread Fa td lacks super-user credentials and process Fa p Ns 's user IDs do not match thread Fa td Ns 's effective user ID.
- Bq Er EPERM
- Process Fa p denotes the initial process Fn initproc and the sysctl(8) variable kern.securelevel is greater than zero.
- Bq Er ESRCH
- Process Fa p is not visible to thread Fa td as determined by cr_seeotheruids9 or cr_seeothergids9.
- Bq Er ESRCH
- Thread Fa td has been jailed and process Fa p does not belong to the same jail as Fa td .
- Bq Er ESRCH
- The MAC subsystem denied debuggability.