1 /* (c) Copyright Hewlett-Packard Development Company, L.P., 2007
3 * This program is free software: you can redistribute it and/or modify
4 * it under the terms of version 2 the GNU General Public License as
5 * published by the Free Software Foundation.
7 * This program is distributed in the hope that it will be useful,
8 * but WITHOUT ANY WARRANTY; without even the implied warranty of
9 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
10 * GNU General Public License for more details.
12 * You should have received a copy of the GNU General Public License
13 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 #include <sys/capability.h>
19 /* limit number of supplementary capabilities to 50 */
22 int translate_capability(char *);
24 int main(int argc
, char **argv
)
26 int exitval
, result
, i
, nr_caps
= 0;
28 cap_value_t cap_list
[MAX_CAPS
] = { 0 };
30 if ((argc
< 2) || (argc
- 1 > MAX_CAPS
)){
31 fprintf(stderr
, "Usage:\n%s <capability> [capability]... (max %d)\n",
36 for (i
= 1; i
< argc
; i
++) {
37 exitval
= translate_capability(argv
[i
]);
40 fprintf(stderr
, "Usage:\n%s: unknown capability: %s\n", argv
[0], argv
[i
]);
44 cap_list
[nr_caps
] = exitval
;
48 caps
= cap_get_proc();
50 perror("do_capset: cap_get_proc");
53 cap_set_flag(caps
, CAP_EFFECTIVE
, nr_caps
, cap_list
, CAP_SET
);
56 exitval
= cap_set_proc(caps
);
61 printf("%d %d %d\n", result
, result
? errno
: exitval
, getpid());
65 int translate_capability(char *capstr
) {
66 if (!strcmp(capstr
, "cap_chown")) {
68 } else if (!strcmp(capstr
, "cap_dac_override")) {
69 return CAP_DAC_OVERRIDE
;
70 } else if (!strcmp(capstr
, "cap_dac_read_search")) {
71 return CAP_DAC_READ_SEARCH
;
72 } else if (!strcmp(capstr
, "cap_fowner")) {
74 } else if (!strcmp(capstr
, "cap_fsetid")) {
76 } else if (!strcmp(capstr
, "cap_kill")) {
78 } else if (!strcmp(capstr
, "cap_setgid")) {
80 } else if (!strcmp(capstr
, "cap_setuid")) {
82 } else if (!strcmp(capstr
, "cap_setcap")) {
84 } else if (!strcmp(capstr
, "cap_linux_immutable")) {
85 return CAP_LINUX_IMMUTABLE
;
86 } else if (!strcmp(capstr
, "cap_net_bind_service")) {
87 return CAP_NET_BIND_SERVICE
;
88 } else if (!strcmp(capstr
, "cap_net_broadcast")) {
89 return CAP_NET_BROADCAST
;
90 } else if (!strcmp(capstr
, "cap_net_admin")) {
92 } else if (!strcmp(capstr
, "cap_net_raw")) {
94 } else if (!strcmp(capstr
, "cap_ipc_lock")) {
96 } else if (!strcmp(capstr
, "cap_ipc_owner")) {
98 } else if (!strcmp(capstr
, "cap_sys_module")) {
99 return CAP_SYS_MODULE
;
100 } else if (!strcmp(capstr
, "cap_sys_rawio")) {
101 return CAP_SYS_RAWIO
;
102 } else if (!strcmp(capstr
, "cap_sys_chroot")) {
103 return CAP_SYS_CHROOT
;
104 } else if (!strcmp(capstr
, "cap_sys_ptrace")) {
105 return CAP_SYS_PTRACE
;
106 } else if (!strcmp(capstr
, "cap_sys_pacct")) {
107 return CAP_SYS_PACCT
;
108 } else if (!strcmp(capstr
, "cap_sys_admin")) {
109 return CAP_SYS_ADMIN
;
110 } else if (!strcmp(capstr
, "cap_sys_boot")) {
112 } else if (!strcmp(capstr
, "cap_sys_nice")) {
114 } else if (!strcmp(capstr
, "cap_sys_resource")) {
115 return CAP_SYS_RESOURCE
;
116 } else if (!strcmp(capstr
, "cap_sys_time")) {
118 } else if (!strcmp(capstr
, "cap_sys_tty_config")) {
119 return CAP_SYS_TTY_CONFIG
;
120 } else if (!strcmp(capstr
, "cap_mknod")) {
122 } else if (!strcmp(capstr
, "cap_lease")) {
124 } else if (!strcmp(capstr
, "cap_audit_write")) {
125 return CAP_AUDIT_WRITE
;
126 } else if (!strcmp(capstr
, "cap_audit_control")) {
127 return CAP_AUDIT_CONTROL
;