proc.5: Document /proc/PID/seccomp

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2016-10-07 10:50:10 +02:00 · 2016-10-07 10:50:10 +02:00 · 15869389bf
parent 3ed7270ea2
commit 15869389bf
1 changed files with 24 additions and 0 deletions
--- a/man5/proc.5
+++ b/man5/proc.5
@ -1569,6 +1569,30 @@ check; see
 .\" FIXME Describe /proc/[pid]/seccomp
 .\"       Added in 2.6.12
 .\"
+.TP
+.IR /proc/[pid]/seccomp " (Linux 2.6.12 to 2.6.22)"
+This file can be used to read and change the process's
+secure computing (seccomp) mode setting.
+It contains the value 0 if the process is not in seccomp mode,
+and 1 if the process is in strict seccomp mode (see
+.BR seccomp (2)).
+Writing 1 to this file places the process irreversibly in strict seccomp mode.
+(Further attempts to write to the file fail with the
+.B EPERM
+error.)
+
+In Linux 2.6.23,
+this file went away, to be replaced by the
+.BR prctl (2)
+.BR PR_GET_SECCOMP
+and
+.BR PR_SET_SECCOMP
+operations (and later by
+.BR seccomp (2)
+and the
+.I Seccomp
+field in
+.IR /proc/[pid]/status ).
 .\" FIXME Describe /proc/[pid]/sessionid
 .\"       Added in 2.6.25; read-only; only readable by real UID
 .\"	  commit 1e0bd7550ea9cf474b1ad4c6ff5729a507f75fdc