UNIX System Administration Handbook - Evi Nemeth [38]
Why have both a UID and an EUID? Simply because it’s useful to maintain a distinction between identity and permission, and because a setuid program may not wish to operate with expanded permissions all of the time. On most systems, the effective UID can be set and reset to enable or restrict the additional permissions it grants.
GID and EGID: real and effective group ID
The GID is the group identification number of a process. The EGID is related to the GID in the same way that the EUID is related to the UID. If a process tries to access a file for which it does not have owner permission, the kernel will automatically check to see if permission may be granted on the basis of the EGID.
See page 79 for more information about groups.
On some systems, a process can be in more than one group at a time. In this case, the GID and EGID are actually a list of group numbers. When the process attempts to access a resource, the entire list is checked to see if it belongs to an appropriate group.
Niceness
A process’s scheduling priority determines how much CPU time it receives. The kernel uses a dynamic algorithm to compute priorities, taking into account the amount of CPU time that a process has recently consumed and the length of time it has been waiting to run. The kernel also pays attention to an administratively set value that’s usually called the “nice value” or “niceness,” so called because it tells how nice you are planning to be to other users of the system. We take up the subject of niceness in detail on page 52.
Control terminal
Most processes have a control terminal associated with them. The control terminal determines default linkages for the standard input, standard output, and standard error channels. When you start a command from the shell, your terminal normally becomes the process’s control terminal. The concept of a control terminal also affects the distribution of signals, which are discussed starting on page 48.
4.2 THE LIFE CYCLE OF A PROCESS
To create a new process, a process copies itself with the fork system call. fork creates a copy of the original process that is largely identical to the parent. The new process has a distinct PID and has its own accounting information.
fork has the unique property of returning two different values. From the child’s point of view, it returns zero. The parent, on the other hand, is returned the PID of the newly created child. Since the two processes are otherwise identical, they must both examine the return value to figure out which role they are supposed to play.
After a fork, the child process will often use one of the exec family of system calls to begin execution of a new program.3 These calls change the program text that the process is executing and reset the data and stack segments to a predefined initial state. The various forms of exec differ only in the ways that they specify the command-line arguments and environment to be given to the new program.
When the system boots, the kernel autonomously creates and installs several processes. The most notable of these is init, which is always process number 1. init is responsible for forking a shell to execute the rc startup scripts, if your system uses them. All processes other than the ones the kernel creates are descendants of init.
See Chapter 2 for more information about booting and the init daemon.
init also plays another important role in process management. When a process completes, it calls a routine named _exit to notify the kernel that it is ready to die. It supplies an exit code (an integer) that tells why it’s exiting. By convention, 0 is used to indicate a normal or “successful” termination.
Before a process can be allowed to disappear completely, UNIX requires that its death be acknowledged by the process’s parent, which the