caps

package module

v0.0.0-...-9b7942c Latest Latest Go to latest Published: Jan 11, 2019 License: MIT Imports: 5 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/Pluggi/go-caps

Links

Open Source Insights

README ¶

go-caps

Bindings to the libcap library

Installing

go get github.com/Pluggi/go-caps

Documentation ¶

Index ¶

Constants
Variables
func Compare(a, b Cap) error
func SetFile(f *os.File, c Cap) error
type Cap
type CapFlag
type CapFlagValue
type CapValue
- func FromName(name string) (CapValue, error)
- func (value CapValue) String() string

Constants ¶

View Source

const (
	CAP_CHOWN            = CapValue(C.CAP_CHOWN)
	CAP_DAC_OVERRIDE     = CapValue(C.CAP_DAC_OVERRIDE)
	CAP_DAC_READ_SEARCH  = CapValue(C.CAP_DAC_READ_SEARCH)
	CAP_FOWNER           = CapValue(C.CAP_FOWNER)
	CAP_FSETID           = CapValue(C.CAP_FSETID)
	CAP_KILL             = CapValue(C.CAP_KILL)
	CAP_SETGID           = CapValue(C.CAP_SETGID)
	CAP_SETUID           = CapValue(C.CAP_SETUID)
	CAP_SETPCAP          = CapValue(C.CAP_SETPCAP)
	CAP_LINUX_IMMUTABLE  = CapValue(C.CAP_LINUX_IMMUTABLE)
	CAP_NET_BIND_SERVICE = CapValue(C.CAP_NET_BIND_SERVICE)
	CAP_NET_BROADCAST    = CapValue(C.CAP_NET_BROADCAST)
	CAP_NET_ADMIN        = CapValue(C.CAP_NET_ADMIN)
	CAP_NET_RAW          = CapValue(C.CAP_NET_RAW)
	CAP_IPC_LOCK         = CapValue(C.CAP_IPC_LOCK)
	CAP_IPC_OWNER        = CapValue(C.CAP_IPC_OWNER)
	CAP_SYS_MODULE       = CapValue(C.CAP_SYS_MODULE)
	CAP_SYS_RAWIO        = CapValue(C.CAP_SYS_RAWIO)
	CAP_SYS_CHROOT       = CapValue(C.CAP_SYS_CHROOT)
	CAP_SYS_PTRACE       = CapValue(C.CAP_SYS_PTRACE)
	CAP_SYS_PACCT        = CapValue(C.CAP_SYS_PACCT)
	CAP_SYS_ADMIN        = CapValue(C.CAP_SYS_ADMIN)
	CAP_SYS_BOOT         = CapValue(C.CAP_SYS_BOOT)
	CAP_SYS_NICE         = CapValue(C.CAP_SYS_NICE)
	CAP_SYS_RESOURCE     = CapValue(C.CAP_SYS_RESOURCE)
	CAP_SYS_TIME         = CapValue(C.CAP_SYS_TIME)
	CAP_SYS_TTY_CONFIG   = CapValue(C.CAP_SYS_TTY_CONFIG)
	CAP_MKNOD            = CapValue(C.CAP_MKNOD)
	CAP_LEASE            = CapValue(C.CAP_LEASE)
	CAP_AUDIT_WRITE      = CapValue(C.CAP_AUDIT_WRITE)
	CAP_AUDIT_CONTROL    = CapValue(C.CAP_AUDIT_CONTROL)
	CAP_SETFCAP          = CapValue(C.CAP_SETFCAP)
	CAP_MAC_OVERRIDE     = CapValue(C.CAP_MAC_OVERRIDE)
	CAP_MAC_ADMIN        = CapValue(C.CAP_MAC_ADMIN)
	CAP_SYSLOG           = CapValue(C.CAP_SYSLOG)
	CAP_WAKE_ALARM       = CapValue(C.CAP_WAKE_ALARM)
	CAP_BLOCK_SUSPEND    = CapValue(C.CAP_BLOCK_SUSPEND)
	CAP_AUDIT_READ       = CapValue(C.CAP_AUDIT_READ)
)

Generated using

awk '$1 == "#define" &&                                    \
     $2 ~ /^CAP_\w+$/ &&                                   \
     $2 != "CAP_LAST_CAP"                                  \
     { printf("%-20s%s= CapValue(C.%s)\n", $2, " ", $2) }' \
     /usr/include/linux/capability.h

View Source

const (
	CAP_EFFECTIVE   = CapFlag(C.CAP_EFFECTIVE)
	CAP_PERMITTED   = CapFlag(C.CAP_PERMITTED)
	CAP_INHERITABLE = CapFlag(C.CAP_INHERITABLE)
)

View Source

const (
	CAP_CLEAR = CapFlagValue(C.CAP_CLEAR)
	CAP_SET   = CapFlagValue(C.CAP_SET)
)

Variables ¶

View Source

var (
	ErrCapNotEqual = errors.New("Capabilities not equal")
)

Functions ¶

func Compare ¶

func Compare(a, b Cap) error

Compare() compares two full capability sets and returns nil if the two capability sets are identical.

A difference between the two sets returns ErrCapNotEqual.

func SetFile ¶

func SetFile(f *os.File, c Cap) error

SetFile set the values for all capability flags for all capabilities for the file with the given capability state.

For this functions to succeed, the calling process must have the effective capability, CAP_SETFCAP, enabled and either the effective user ID of the process must match the file owner or the calling process must have the CAP_FOWNER flag in its effective capability set. The effects of writing the capability state to any file type other than a regular file are undefined.

Types ¶

type Cap ¶

type Cap struct {
	// contains filtered or unexported fields
}

Wrapping structure for cap_t

func FromText ¶

func FromText(text string) (*Cap, error)

FromText() returns a capability set reflecting the state represented by a human-readable capability set.

func GetFile ¶

func GetFile(f *os.File) (*Cap, error)

GetFile reads a capability state from the given file.

The effects of reading the capability state from any file other than a regular file is undefined.

func GetFilePath ¶

func GetFilePath(path string) (*Cap, error)

GetFilePath reads a capability state from the given file.

The effects of reading the capability state from any file other than a regular file is undefined.

func GetPid ¶

func GetPid(pid int) (*Cap, error)

GetPid() returns a capability set reflecting the capabilities of the process indicated by pid.

This information can also be obtained from the /proc/<pid>/status file.

func GetProc ¶

func GetProc() (*Cap, error)

GetProc() returns a capability set reflecting the capabilities of the calling process.

func NewCap ¶

func NewCap() Cap

NewCap() allocates a new Cap structure.

func (Cap) Clear ¶

func (c Cap) Clear() error

Clear() initializes the capability state in working storage so that all capability flags are cleared.

func (Cap) ClearFlag ¶

func (c Cap) ClearFlag(flag CapFlag) error

ClearFlag() clears all of the capabilities of the specified capability flag.

func (Cap) GetFlag ¶

func (c Cap) GetFlag(cap_value CapValue, flag CapFlag) (CapFlagValue, error)

GetFlag() returns the current value of the capability flag.

func (Cap) SetFilePath ¶

func (c Cap) SetFilePath(path string) error

SetFilePath set the values for all capability flags for all capabilities for the file with the given capability state.

For this functions to succeed, the calling process must have the effective capability, CAP_SETFCAP, enabled and either the effective user ID of the process must match the file owner or the calling process must have the CAP_FOWNER flag in its effective capability set. The effects of writing the capability state to any file type other than a regular file are undefined.

func (Cap) SetFlag ¶

func (c Cap) SetFlag(flag CapFlag, caps []CapValue, value CapFlagValue) error

SetFlag() sets the flag of each capability in the slice caps to the CapFlagValue value.

func (Cap) SetProc ¶

func (c Cap) SetProc() error

SetProc() sets the capabilities of the calling process.

If any flag is set for any capability not currently permitted for the calling process, the function will fail, and the capability state of the process will remain unchanged.

func (Cap) String ¶

func (c Cap) String() (string, error)

Returns a human-readable string of the capability set.

Equivalent to cap_to_text(cap_t, ssize_t)

type CapFlag ¶

type CapFlag int

Equivalent of cap_flag_t

type CapFlagValue ¶

type CapFlagValue int

Equivalent of cap_flag_value_t

type CapValue ¶

type CapValue int

Equivalent of cap_value_t

func FromName ¶

func FromName(name string) (CapValue, error)

FromName() converts a text representation of a capability, such as "cap_chown", to a CapValue.

func (CapValue) String ¶

func (value CapValue) String() string

Converts a CapValue to a string

Equivalent to cap_to_name(cap_value_t)

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL