160 lines
4.4 KiB
HTML
160 lines
4.4 KiB
HTML
|
|
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
|
|
<HTML><HEAD><TITLE>Man page of GETPCAPS</TITLE>
|
|
</HEAD><BODY>
|
|
<H1>GETPCAPS</H1>
|
|
Section: GETPCAPS (1)<BR>Updated: 09/23/2011<BR><A HREF="#index">Index</A>
|
|
<A HREF="/cgi-bin/man/man2html">Return to Main Contents</A><HR>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
<A NAME="lbAB"> </A>
|
|
<H2>NAME</H2>
|
|
|
|
getpcaps - List Process Capabilities
|
|
<A NAME="lbAC"> </A>
|
|
<H2>SYNOPSIS</H2>
|
|
|
|
<DL COMPACT>
|
|
<DT id="1">
|
|
<B>getpcaps</B> <pid> [<pid> ...]
|
|
</DL>
|
|
<A NAME="lbAD"> </A>
|
|
<H2>DESCRIPTION</H2>
|
|
|
|
<P>
|
|
|
|
<B>getpcaps</B>
|
|
<DD>is a simple utility to display the capabilities on the queried process(es).
|
|
The capabilities are displayed in the <A HREF="/cgi-bin/man/man2html?3+cap_from_text">cap_from_text</A>(3) format, portions
|
|
of which are reproduced in the section "TEXTUAL REPRESENTATION" below.
|
|
|
|
|
|
|
|
|
|
<A NAME="lbAE"> </A>
|
|
<H2>TEXTUAL REPRESENTATION</H2>
|
|
|
|
A textual representation of capability sets consists of one or more
|
|
whitespace-separated
|
|
<I>clauses</I>.
|
|
|
|
Each clause specifies some operations on a capability set; the set
|
|
starts out with all capabilities lowered, and the meaning of the
|
|
string is the state of the capability set after all the clauses have
|
|
been applied in order.
|
|
<P>
|
|
|
|
Each clause consists of a list of comma-separated capability names
|
|
(or the word
|
|
`<B>all</B>'),
|
|
|
|
followed by an
|
|
<I>action-list</I>.
|
|
|
|
An action-list consists of a sequence of
|
|
<I>operator flag</I>
|
|
|
|
pairs. Legal operators are:
|
|
`<B>=</B>', '<B>+</B>', and `<B>-</B>'.
|
|
|
|
Legal flags are:
|
|
`<B>e</B>', `<B>i</B>', and `<B>p</B>'.
|
|
|
|
These flags are case-sensitive and specify the Effective, Inheritable
|
|
and Permitted sets respectively.
|
|
<P>
|
|
|
|
In the capability name lists, all names are case-insensitive. The
|
|
special name
|
|
`<B>all</B>'
|
|
|
|
specifies all capabilities; it is equivalent to a list naming every
|
|
capability individually.
|
|
<P>
|
|
|
|
Unnamed capabilities can also be specified by number. This feature
|
|
ensures that libcap can support capabilities that were not allocated
|
|
at the time libcap was compiled. However, generally upgrading libcap
|
|
will add names for recently allocated capabilities.
|
|
<P>
|
|
|
|
The
|
|
`<B>=</B>'
|
|
|
|
operator indicates that the listed capabilities are first reset in
|
|
all three capability sets. The subsequent flags (which are optional
|
|
when associated with this operator) indicate that the listed
|
|
capabilities for the corresponding set are to be raised. For example:
|
|
"all=p" means lower every capability in the Effective and Inheritable
|
|
sets but raise all of the Permitted capabilities;
|
|
or, "cap_fowner=ep" means raise the Effective and Permitted
|
|
override-file-ownership capability, while lowering this Inheritable
|
|
capability.
|
|
<P>
|
|
|
|
In the case that the leading operator is
|
|
`<B>=</B>',
|
|
|
|
and no list of capabilities is provided, the action-list is assumed to
|
|
refer to `all' capabilities. For example, the following three
|
|
clauses are equivalent to each other (and indicate a completely empty
|
|
capability set): "all="; "="; "cap_chown,<every-other-capability>=".
|
|
<P>
|
|
|
|
The operators, `+' and `-' both require an explicit preceding
|
|
capability list and one or more explicit trailing flags. The `+'
|
|
operator will raise all of the listed capabilities in the flagged
|
|
capability sets. The `-' operator will lower all of the listed
|
|
capabilities in the flagged capability sets. For example:
|
|
"all+p" will raise all of the Permitted capabilities; "cap_fowner+p-i"
|
|
will raise the override-file-ownership capability in the Permitted
|
|
capability set and lower this Inheritable capability;
|
|
"cap_fowner+pe-i" and "cap_fowner=+pe" are equivalent.
|
|
<A NAME="lbAF"> </A>
|
|
<H2>FILES</H2>
|
|
|
|
<P>
|
|
|
|
None
|
|
<A NAME="lbAG"> </A>
|
|
<H2>SEE ALSO</H2>
|
|
|
|
<P>
|
|
|
|
<B><A HREF="/cgi-bin/man/man2html?3+cap_from_text">cap_from_text</A></B>(3).
|
|
<A NAME="lbAH"> </A>
|
|
<H2>COPYRIGHT</H2>
|
|
|
|
Copyright © 1997-8,2007 Andrew G. Morgan <<A HREF="mailto:morgan@kernel.org">morgan@kernel.org</A>>
|
|
<BR>
|
|
|
|
<P>
|
|
|
|
<HR>
|
|
<A NAME="index"> </A><H2>Index</H2>
|
|
<DL>
|
|
<DT id="2"><A HREF="#lbAB">NAME</A><DD>
|
|
<DT id="3"><A HREF="#lbAC">SYNOPSIS</A><DD>
|
|
<DT id="4"><A HREF="#lbAD">DESCRIPTION</A><DD>
|
|
<DT id="5"><A HREF="#lbAE">TEXTUAL REPRESENTATION</A><DD>
|
|
<DT id="6"><A HREF="#lbAF">FILES</A><DD>
|
|
<DT id="7"><A HREF="#lbAG">SEE ALSO</A><DD>
|
|
<DT id="8"><A HREF="#lbAH">COPYRIGHT</A><DD>
|
|
</DL>
|
|
<HR>
|
|
This document was created by
|
|
<A HREF="/cgi-bin/man/man2html">man2html</A>,
|
|
using the manual pages.<BR>
|
|
Time: 00:05:13 GMT, March 31, 2021
|
|
</BODY>
|
|
</HTML>
|