Databases
StackOverflow2013
Postsdbo
PO
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PO
    text
    copied!<p>It is the same as for temporary files.</p> <p>Recall that a usual way to create some temporary file is to <a href="http://man7.org/linux/man-pages/man2/open.2.html" rel="nofollow">open(2)</a> a file (keeping its file descriptor), then <a href="http://man7.org/linux/man-pages/man2/unlink.2.html" rel="nofollow">unlink(2)</a> (while still having an open file descriptor). Then the data of the file remains in the file system as long as the process is running and have not <a href="http://man7.org/linux/man-pages/man2/close.2.html" rel="nofollow">close(2)</a>-d that file descriptor.</p> <p>This is because files really are <a href="https://en.wikipedia.org/wiki/Inode" rel="nofollow">inodes</a> -not file names in directories. (directories contain entries associating names to inodes).</p> <p>The kernel manages the set of "used" (or "opened") inodes, and that set contains the inodes executed by processes (actually, the inodes involved in some address mapping like thru <a href="http://man7.org/linux/man-pages/man2/mmap.2.html" rel="nofollow">mmap(2)</a> or <a href="http://man7.org/linux/man-pages/man2/execve.2.html" rel="nofollow">execve(2)</a>)</p> <p>So just after <code>/bin/rm /bin/rm</code> starts, the kernel has one reference to <code>rm</code> binary as the executable of the process.</p> <p>When it processes the <code>unlink</code> syscall, it has temporarily two references (one being the process in execution, the other the path <code>/bin/rm</code> passed to <code>unlink</code> kernel implementation) and decreases it to one.</p> <p><sup>Of course you should avoid typing <code>/bin/rm /bin/rm</code> but then you usually have some standalone shell like <code>sash</code> to be able to repair your system.</sup></p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload