Controlling processes via the /proc filesystem

QNX SDP8.0Programmer's GuideDeveloper

Implemented by the Process Manager component of procnto, the /proc virtual filesystem lets you access and control the processes and threads running in the system.

CAUTION:

This interface is intended for gathering information or process control while debugging. You should not use it in production systems to control the behavior of processes and threads.

Using the /proc filesystem to examine a process might affect the performance of the threads in the process when it is interacting with the process manager (e.g., using mmap() or munmap()). It may also affect any thread or threads in other processes with which those threads are interacting.

The /proc filesystem manifests each process currently running on the system as a directory whose name is the numerical process ID (in decimal) of the process. Inside this directory, you'll find the following files:
as
The address space that contains the process's entire memory space.
cmdline
The arguments passed to the process, separated by null characters. For example:
# pidin -p 28687 arg
      pid Arguments
    28687 io-sock -m mods-pci.so -d devs-em.so
# echo `cat /proc/28687/cmdline`
io-sock-mmods-pci.so-ddevs-em.so
ctl
A file that you can use for devctl() commands to access processes and their threads.
exefile
The path of the executable file used to run the process. For example:
# echo `cat /proc/28687/exefile`
/sbin/io-sock
mappings
A detailed view of every page in a process's address space.
pmap
A detailed view of the process's mappings.
vmstat
A view of the process's virtual memory.
You can use the following standard functions to access the files in the /proc filesystem:
Function Purpose
open() Establish a file descriptor to a process
read() Read data from the process's address space
write() Write data to the process's address space
stat() Return struct stat information
lseek() Establish a position within the process's address space for further operations
devctl() Manipulate a process or thread
close() Release a file descriptor

Ancillary functions (such as readdir(), opendir(), and so on) are supported on the directory /proc itself—this aids in implementing commands such as ls.

Note:
You must open the appropriate file (e.g., /proc/pid/ctl), not the /proc/pid directory.
When you start procnto, you can use the following options to specify the umask to use for the /proc/pid/* files:
-d
Controls the umask for cmdline and cctl. The default is 0022.
-u
Controls the umask for as, exefile, mappings, pmap and vmstat. The default is 0066.

You can use chmod to drop permissions on the as and ctl files, but you can't then regain the permissions.

In order to read or write data from or to the process, you must have opened the file descriptor in the appropriate mode. You must also have appropriate privileges to open the particular process. Access is controlled to a limited extent by POSIX permissions but mainly by abilities (see Abilities in the System Security Guide):
  • If your process has a different user ID than the target process, and you have only the POSIX permissions, then you can:
    • get limited access to cmdline; it shows the target process's first argument only (i.e., it tells you what's running but none of its command-line arguments)
    • get limited access to ctl; it supports the DCMD_PROC_INFO, DCMD_PROC_MAPDEBUG_BASE, and DCMD_PROC_TIDSTATUS devctl() commands, but the output is sanitized.
    • read exefile
  • If your process has the same user ID and has POSIX access, then you get unrestricted access to the files.
  • Irrespective of the user ID and POSIX permissions:
    • If your process has the PROCMGR_AID_XPROCESS_QUERY ability for the user IDs of the target file (effective, real, and saved), you can get read access to all files except for the as file.
    • If your process has PROCMGR_AID_XPROCESS_MEM_READ for the user IDs of the target file (effective, real, and saved), you can get read access to the as file.
    • If a process has PROCMGR_AID_XPROCESS_DEBUG for the user IDs of the target file (effective, real, and saved), you can get write access to as and ctl.
  • The root user (effective user ID 0) gets unrestricted POSIX access but still requires abilities to access files of processes with other user IDs.

Only one process can have a /proc/pid/as or /proc/pid/ctl file open for writing at a time.

Page updated: