root@zeropage:~# ps -efjc UID PID PPID PGID SID CLS PRI STIME TTY TIME CMD root 1 0 0 0 TS 23 Oct15 ? 00:00:00 init [2] root 2 1 0 0 TS 5 Oct15 ? 00:00:00 [ksoftirqd/0] root 3 1 0 0 TS 29 Oct15 ? 00:00:00 [events/0] root 4 1 0 0 TS 28 Oct15 ? 00:00:00 [khelper] root 5 1 0 0 TS 23 Oct15 ? 00:00:00 [kthread] root 7 5 0 0 TS 19 Oct15 ? 00:00:00 [kacpid] root 60 5 0 0 TS 29 Oct15 ? 00:00:00 [kblockd/0] root 86 5 0 0 TS 24 Oct15 ? 00:00:00 [pdflush] root 87 5 0 0 TS 24 Oct15 ? 00:00:00 [pdflush] root 89 5 0 0 TS 22 Oct15 ? 00:00:00 [aio/0] root 88 1 1 1 TS 24 Oct15 ? 00:00:01 [kswapd0] root 674 1 1 1 TS 22 Oct15 ? 00:00:00 [kseriod] root 943 1 1 1 TS 24 Oct15 ? 00:00:00 [kjournald] root 1095 1 1 1 TS 24 Oct15 ? 00:00:01 [kjournald] root 1096 1 1 1 TS 24 Oct15 ? 00:00:02 [kjournald] root 1097 1 1 1 TS 24 Oct15 ? 00:00:00 [kjournald] root 1098 1 1 1 TS 24 Oct15 ? 00:00:01 [kjournald] root 1099 1 1 1 TS 24 Oct15 ? 00:00:00 [kjournald] daemon 1191 1 1191 1191 TS 22 Oct15 ? 00:00:00 /sbin/portmap root 1314 1 1313 1313 TS 24 Oct15 ? 00:00:00 /usr/sbin/syslogd bind 1323 1 1323 1323 TS 21 Oct15 ? 00:00:00 /usr/sbin/named -u bind 105 1334 1 1334 1334 TS 21 Oct15 ? 00:00:00 /usr/bin/dbus-daemon-1 --system 104 1366 1 1366 1366 TS 23 Oct15 ? 00:00:00 /usr/sbin/exim4 -bd -q30m root 1372 1 1371 1371 TS 18 Oct15 ? 00:00:00 /usr/sbin/inetutils-inetd root 1387 1 1303 1303 TS 14 Oct15 ? 00:00:00 /bin/sh /usr/bin/mysqld_safe root 1417 1387 1303 1303 TS 14 Oct15 ? 00:00:00 /bin/sh /usr/bin/mysqld_safe mysql 1418 1417 1303 1303 TS 23 Oct15 ? 00:06:23 /usr/sbin/mysqld --basedir=/usr --datad root 1419 1417 1303 1303 TS 23 Oct15 ? 00:00:00 logger -p daemon.err -t mysqld_safe -i root 1461 1 1461 1461 TS 24 Oct15 ? 00:00:00 /usr/sbin/sshd root 1475 1 1303 1303 TS 14 Oct15 ? 00:03:00 /usr/local/jdk/jre/bin/java -Djava.util root 1481 1 1481 1481 TS 23 Oct15 ? 00:00:00 /usr/sbin/vsftpd root 1485 1 1485 1485 TS 21 Oct15 ? 00:00:00 /usr/sbin/famd -T 0 daemon 1497 1 1497 1497 TS 23 Oct15 ? 00:00:00 /usr/sbin/atd root 1500 1 1500 1500 TS 23 Oct15 ? 00:00:00 /usr/sbin/cron root 1538 1 1538 1538 TS 23 Oct15 tty1 00:00:00 /sbin/getty 38400 tty1 root 1540 1 1540 1540 TS 23 Oct15 tty2 00:00:00 /sbin/getty 38400 tty2 root 1541 1 1541 1541 TS 23 Oct15 tty3 00:00:00 /sbin/getty 38400 tty3 root 1542 1 1542 1542 TS 23 Oct15 tty4 00:00:00 /sbin/getty 38400 tty4 root 1543 1 1543 1543 TS 23 Oct15 tty5 00:00:00 /sbin/getty 38400 tty5 root 1544 1 1544 1544 TS 23 Oct15 tty6 00:00:00 /sbin/getty 38400 tty6 root 5722 1 5722 5722 TS 23 Oct16 ? 00:00:01 /usr/sbin/apache2 -k start -DSSL www-data 5724 5722 5722 5722 TS 23 Oct16 ? 00:00:00 /usr/sbin/fcgi-pm -k start -DSSL www-data 11061 5722 5722 5722 TS 24 22:30 ? 00:00:01 /usr/sbin/apache2 -k start -DSSL www-data 11123 5722 5722 5722 TS 22 22:54 ? 00:00:04 /usr/sbin/apache2 -k start -DSSL www-data 11184 5722 5722 5722 TS 23 23:05 ? 00:00:02 /usr/sbin/apache2 -k start -DSSL www-data 11360 5722 5722 5722 TS 23 23:30 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL www-data 11392 5722 5722 5722 TS 20 23:32 ? 00:00:03 /usr/sbin/apache2 -k start -DSSL www-data 11393 5722 5722 5722 TS 23 23:32 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL www-data 11394 5722 5722 5722 TS 23 23:32 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL www-data 11395 5722 5722 5722 TS 24 23:32 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL www-data 11396 5722 5722 5722 TS 23 23:32 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL www-data 11397 5722 5722 5722 TS 23 23:32 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL root 11434 1461 11434 11434 TS 24 23:41 ? 00:00:00 sshd: sapius@pts/0 root 11436 11434 11436 11436 TS 24 23:41 pts/0 00:00:00 -bash root 11453 11436 11453 11436 TS 22 23:41 pts/0 00:00:00 ps -efjc
1. fork 호출하여 자식 프로세스 생성. 부모프로세스 종료 2. setsid 이용 새로운 세션 생성, 현재 프로세스의 PID가 세션 제어권을 가지도록 설정 3. chdir 프로세스가 루트에서 작업하도록 변경1 부연설명
~cpp #include <sys/types.h> #include <sys/stat.h> #include <stdio.h> #include <fcntl.h> int main() { pid_t pid; if (( pid = fork()) < 0) exit(0); // 부모프로세스를 종료한다. else if(pid != 0) exit(0); //setsid(); chdir("/"); // 여기에 프로그램 본체를 넣는다. setsid(); while(1) { sleep(1); } }
root@zeropage:~# ps -ejfc UID PID PPID PGID SID CLS PRI STIME TTY TIME CMD root 1 0 0 0 TS 23 Oct15 ? 00:00:00 init [2] root 2 1 0 0 TS 5 Oct15 ? 00:00:00 [ksoftirqd/0] root 3 1 0 0 TS 29 Oct15 ? 00:00:00 [events/0] root 4 1 0 0 TS 28 Oct15 ? 00:00:00 [khelper] root 5 1 0 0 TS 23 Oct15 ? 00:00:00 [kthread] root 7 5 0 0 TS 19 Oct15 ? 00:00:00 [kacpid] root 60 5 0 0 TS 29 Oct15 ? 00:00:00 [kblockd/0] root 86 5 0 0 TS 24 Oct15 ? 00:00:00 [pdflush] root 87 5 0 0 TS 24 Oct15 ? 00:00:00 [pdflush] root 89 5 0 0 TS 22 Oct15 ? 00:00:00 [aio/0] root 88 1 1 1 TS 24 Oct15 ? 00:00:01 [kswapd0] root 674 1 1 1 TS 22 Oct15 ? 00:00:00 [kseriod] root 943 1 1 1 TS 24 Oct15 ? 00:00:00 [kjournald] root 1095 1 1 1 TS 24 Oct15 ? 00:00:01 [kjournald] root 1096 1 1 1 TS 23 Oct15 ? 00:00:02 [kjournald] root 1097 1 1 1 TS 24 Oct15 ? 00:00:00 [kjournald] root 1098 1 1 1 TS 24 Oct15 ? 00:00:01 [kjournald] root 1099 1 1 1 TS 24 Oct15 ? 00:00:00 [kjournald] daemon 1191 1 1191 1191 TS 22 Oct15 ? 00:00:00 /sbin/portmap root 1314 1 1313 1313 TS 23 Oct15 ? 00:00:00 /usr/sbin/syslogd bind 1323 1 1323 1323 TS 21 Oct15 ? 00:00:00 /usr/sbin/named -u bind 105 1334 1 1334 1334 TS 21 Oct15 ? 00:00:00 /usr/bin/dbus-daemon-1 --system 104 1366 1 1366 1366 TS 23 Oct15 ? 00:00:00 /usr/sbin/exim4 -bd -q30m root 1372 1 1371 1371 TS 18 Oct15 ? 00:00:00 /usr/sbin/inetutils-inetd root 1387 1 1303 1303 TS 14 Oct15 ? 00:00:00 /bin/sh /usr/bin/mysqld_safe root 1417 1387 1303 1303 TS 14 Oct15 ? 00:00:00 /bin/sh /usr/bin/mysqld_safe mysql 1418 1417 1303 1303 TS 24 Oct15 ? 00:06:23 /usr/sbin/mysqld --basedir=/usr --datad root 1419 1417 1303 1303 TS 23 Oct15 ? 00:00:00 logger -p daemon.err -t mysqld_safe -i root 1461 1 1461 1461 TS 24 Oct15 ? 00:00:00 /usr/sbin/sshd root 1475 1 1303 1303 TS 14 Oct15 ? 00:03:01 /usr/local/jdk/jre/bin/java -Djava.util root 1481 1 1481 1481 TS 23 Oct15 ? 00:00:00 /usr/sbin/vsftpd root 1485 1 1485 1485 TS 21 Oct15 ? 00:00:00 /usr/sbin/famd -T 0 daemon 1497 1 1497 1497 TS 23 Oct15 ? 00:00:00 /usr/sbin/atd root 1500 1 1500 1500 TS 23 Oct15 ? 00:00:00 /usr/sbin/cron root 1538 1 1538 1538 TS 23 Oct15 tty1 00:00:00 /sbin/getty 38400 tty1 root 1540 1 1540 1540 TS 23 Oct15 tty2 00:00:00 /sbin/getty 38400 tty2 root 1541 1 1541 1541 TS 23 Oct15 tty3 00:00:00 /sbin/getty 38400 tty3 root 1542 1 1542 1542 TS 23 Oct15 tty4 00:00:00 /sbin/getty 38400 tty4 root 1543 1 1543 1543 TS 23 Oct15 tty5 00:00:00 /sbin/getty 38400 tty5 root 1544 1 1544 1544 TS 23 Oct15 tty6 00:00:00 /sbin/getty 38400 tty6 root 5722 1 5722 5722 TS 23 Oct16 ? 00:00:01 /usr/sbin/apache2 -k start -DSSL www-data 5724 5722 5722 5722 TS 23 Oct16 ? 00:00:00 /usr/sbin/fcgi-pm -k start -DSSL www-data 11061 5722 5722 5722 TS 23 22:30 ? 00:00:01 /usr/sbin/apache2 -k start -DSSL www-data 11123 5722 5722 5722 TS 23 22:54 ? 00:00:05 /usr/sbin/apache2 -k start -DSSL www-data 11184 5722 5722 5722 TS 23 23:05 ? 00:00:02 /usr/sbin/apache2 -k start -DSSL www-data 11360 5722 5722 5722 TS 23 23:30 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL www-data 11392 5722 5722 5722 TS 23 23:32 ? 00:00:04 /usr/sbin/apache2 -k start -DSSL www-data 11394 5722 5722 5722 TS 23 23:32 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL www-data 11395 5722 5722 5722 TS 23 23:32 ? 00:00:01 /usr/sbin/apache2 -k start -DSSL www-data 11396 5722 5722 5722 TS 23 23:32 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL www-data 11397 5722 5722 5722 TS 23 23:32 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL root 11434 1461 11434 11434 TS 23 23:41 ? 00:00:00 sshd: sapius@pts/0 root 11436 11434 11436 11436 TS 24 23:41 pts/0 00:00:00 -bash '''root 11503 1 11503 11503 TS 23 23:49 ? 00:00:00 ./test''' www-data 11508 5722 5722 5722 TS 23 23:50 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL www-data 11509 5722 5722 5722 TS 23 23:50 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL www-data 11511 5722 5722 5722 TS 24 23:50 ? 00:00:00 /usr/sbin/apache2 -k start -DSSL root 11521 11436 11521 11436 TS 23 23:50 pts/0 00:00:00 ps -ejfc