cap_clear(3) -- Linux man page
NAME
cap_clear, cap_get_flag, cap_set_flag - capability data object manipulation
SYNOPSIS
#include <sys/capability.h>
int cap_clear(cap_t cap_p);
int cap_get_flag(cap_t cap_p, cap_value_t cap, cap_flag_t flag, cap_flag_value_t *value_p);
int cap_set_flag(cap_t cap_p, cap_flag_t flag, int ncap, cap_value_t *caps, cap_flag_value_t value);
USAGE
cc ... -lcap
DESCRIPTION
cap_clear
initializes the capability state in working storage identified by
cap_p
in such a way that all capability flags are cleared.
cap_get_flag
obtains the current value of the capability flag,
flag,
of the capability,
cap,
from the capability state identified by
cap_p
and places it in the location pointed to by
value_p.
cap_set_flag
sets the flag,
flag,
of each capability in the array
caps
in the capability state identified by
cap_p
to
value.
The argument,
ncap,
is used to specify the number of capabilities in the array,
caps.
A
cap_value_t
can identify any capability, such as
CAP_CHOWN.
A
cap_flag_t
can be set to
CAP_EFFECTIVE,
CAP_INHERITABLE
or
CAP_PERMITTED.
A
cap_flag_value_t
can be
CAP_CLEAR
(0) or
CAP_SET
(1).
RETURN VALUE
cap_clear,
cap_get_flag
and
cap_set_flag
return zero on success, and -1 on failure.
On failure,
errno(3)
is set to
EINVAL,
indicating that one of the arguments is invalid.
CONFORMING TO
These functions are specified by POSIX.1e.
SEE ALSO
cap_copy_ext(3),
cap_from_text(3),
cap_get_file(3),
cap_get_proc(3),
cap_init(3)
|
