val fork_exec : ?stdin:Core.Unix.File_descr.t ‑> ?stdout:Core.Unix.File_descr.t ‑> ?stderr:Core.Unix.File_descr.t ‑> ?path_lookup:bool ‑> ?env:[ `Extend of (string * string) list | `Replace of (string * string) list ] ‑> ?working_dir:string ‑> ?setuid:int ‑> ?setgid:int ‑> string ‑> string list ‑> Core.Pid.t
fork_exec prog args ~stdin ~stdout ~stderr ~setuid ~setgid
forks a new process that executes the program
in file prog
, with arguments args
. The pid of the new
process is returned immediately; the new process executes
concurrently with the current process.
The function raises EPERM if when using set{gid,uid}
and the user id is
not 0.
The standard input and outputs of the new process are connected
to the descriptors stdin
, stdout
and stderr
.
The close_on_exec flag is cleared from stderr
stdout
and stdin
so it's
safe to pass in fds with close_on_exec
set.
true
than we use PATH to find the process to exec.@env specifies the environment the process runs in
ERRORS: Unix.unix_error. This function should not raise EINTR; it will restart itself automatically.
RATIONAL:
setuid
and setgid
do not do a full id drop (e.g.: they save the id in
saved id) when the user does not have the privileges required to setuid to
anyone.
By default all file descriptors should be set_closexec ASAP after being open to avoid being captured in parallel execution of fork_exec; resetting the closexec flag on the forked flag is a cleaner and more thread safe approach.
BUGS: The capabilities for setuid in linux are not tied to the uid 0 (man 7 capabilities). It is still fair to assume that under most system this capability is there IFF uid == 0. A more fine grain permissionning approach would make this function non-portable and be hard to implement in an async-signal-way.
Because this function keeps the lock for most of its lifespan and restarts automatically on EINTR it might prevent the OCaml signal handlers to run in that thread.
external ntohl : Core.Int32.t ‑> Core.Int32.t = "extended_ml_ntohl"
Network to host order long, like C.
external htonl : Core.Int32.t ‑> Core.Int32.t = "extended_ml_htonl"
Host to network order long, like C.
type statvfs
=
{
}
include sig ... end
val statvfs_of_sexp : Sexplib.Sexp.t ‑> statvfs
val sexp_of_statvfs : statvfs ‑> Sexplib.Sexp.t
val bin_statvfs : statvfs Bin_prot.Type_class.t
val bin_read_statvfs : statvfs Bin_prot.Read.reader
val __bin_read_statvfs__ : (int ‑> statvfs) Bin_prot.Read.reader
val bin_reader_statvfs : statvfs Bin_prot.Type_class.reader
val bin_size_statvfs : statvfs Bin_prot.Size.sizer
val bin_write_statvfs : statvfs Bin_prot.Write.writer
val bin_writer_statvfs : statvfs Bin_prot.Type_class.writer
val bin_shape_statvfs : Bin_prot.Shape.t
module Extended_passwd : sig ... end
external strptime : fmt:string ‑> string ‑> Core.Unix.tm = "unix_strptime"
The CIDR module moved into Core.Unix
module Mac_address : sig ... end
module Quota : sig ... end
module Mount_entry : sig ... end
val terminal_width : int Core.Lazy.t