proc_pid_exe
proc_pid_exe(5) File Formats Manual proc_pid_exe(5)
NAME
/proc/pid/exe - symbolic link to program pathnameDESCRIPTION
/proc/pid/exe
Under Linux 2.2 and later, this file is a symbolic link containing the actual pathname of the executed command. This symbolic link can be dereferenced normally; attempting to
open it will open the executable. You can even type /proc/pid/exe to run another copy of the same executable that is being run by process pid. If the pathname has been un‐
linked, the symbolic link will contain the string ' (deleted)' appended to the original pathname. In a multithreaded process, the contents of this symbolic link are not avail‐
able if the main thread has already terminated (typically by calling pthread_exit(3)).
Permission to dereference or read (readlink(2)) this symbolic link is governed by a ptrace access mode PTRACE_MODE_READ_FSCREDS check; see ptrace(2).
Under Linux 2.0 and earlier, /proc/pid/exe is a pointer to the binary which was executed, and appears as a symbolic link. A readlink(2) call on this file under Linux 2.0 re‐
turns a string in the format:
[device]:inode
For example, [0301]:1502 would be inode 1502 on device major 03 (IDE, MFM, etc. drives) minor 01 (first partition on the first drive).
find(1) with the -inum option can be used to locate the file.SEE ALSO
proc(5)Linux man-pages 6.9.1 2024-05-02 proc_pid_exe(5)