SYSTEM (3)
execute a shell command
SYNOPSIS
#include <stdlib.h>
int system (const char * string );
DESCRIPTION
system()
executes a command specified in
string
by calling
/bin/sh -c
string ,
and returns after the command has been completed.
During execution of the command,
SIGCHLD
will be blocked, and
SIGINT
and
SIGQUIT
will be ignored.
RETURN VALUE
The value returned is 127 if the
execve()
call for
/bin/sh
fails, -1 if there was another error and the return code of the
command otherwise.
If the value of
string
is
NULL ,
system()
returns nonzero if the shell is available, and zero if not.
system()
does not affect the wait status of any other children.
CONFORMING TO
BUGS
It is extremely unfortunate that the libc version of
system()
ignores interrupts. This makes programs that call it
from a loop uninterruptable. This means that for such
purposes one should not use
system()
but a private version like (warning: untested code!)
int my_system (const char *command) {
int pid, status;
if (command == 0)
return 1;
pid = fork();
if (pid == -1)
return -1;
if (pid == 0) {
char *argv[4];
argv[0] = "sh";
argv[1] = "-c";
argv[2] = command;
argv[3] = 0;
execve("/bin/sh", argv, environ);
exit(127);
}
do {
if (waitpid(pid, &status, 0) == -1) {
if (errno != EINTR)
return -1;
} else
return status;
} while(1);
}
Do not use
system()
from a program with suid or sgid privileges, because strange values for
some environment variables might be used to subvert system integrity.
Use the
exec (3)
family of functions instead, but not
execlp (3)
or
execvp (3).
system()
will not, in fact, work properly from programs with suid or sgid
privileges on systems on which
/bin/sh
is
bash
version 2, since bash 2 drops privileges on startup. (Debian uses a
modified bash which does not do this when invoked as
sh .)
The check for the availability of
/bin/sh
is not actually performed; it is always assumed to be available. ISO
C specifies the check, but POSIX.2 specifies that the return shall
always be non-zero, since a system without the shell is not
conforming, and it is this that is implemented.
It is possible for the shell command to return 127, so that code is not a sure
indication that the
execve()
call failed; check
errno
to make sure.
SEE ALSO
|