* [PATCH 3/3] exporting capability code/name pairs (try 2nd)
@ 2008-01-25 5:18 Kohei KaiGai
0 siblings, 0 replies; only message in thread
From: Kohei KaiGai @ 2008-01-25 5:18 UTC (permalink / raw)
To: morgan; +Cc: akpm, serue, jmorris, linux-kernel, linux-security-module
We can apply this patch to libcap.
This patch enables setcap command to print the list
of capabilities running kernel supported, if the kernel
exports capability code/name pairs.
It is useful to confirm the name of capability when setting.
Thanks,
----
Signed-off-by: KaiGai Kohei <kaigai@ak.jp.nec.com>
diff --git a/progs/setcap.c b/progs/setcap.c
index dc13c06..1b9ed45 100644
--- a/progs/setcap.c
+++ b/progs/setcap.c
@@ -4,6 +4,7 @@
* This sets the capabilities of a given file.
*/
+#include <dirent.h>
#include <errno.h>
#include <stdio.h>
#include <string.h>
@@ -13,10 +14,34 @@
static void usage(void)
{
+ DIR *dirp;
+
fprintf(stderr,
"usage: setcap [-q] (-r|-|<caps>) <filename> "
"[ ... (-r|-|<capsN>) <filenameN> ]\n"
);
+
+ dirp = opendir("/sys/kernel/capability");
+ if (dirp) {
+ struct dirent *dent;
+ int len, width = 99999;
+
+ fprintf(stderr,
+ "\nsupported capabilities:");
+ while ((dent = readdir(dirp)) != NULL) {
+ if (!!strncmp("cap_", dent->d_name, 4))
+ continue;
+ len = strlen(dent->d_name);
+ if (width + len > 72) {
+ fprintf(stderr, "\n\t");
+ width = 8;
+ }
+ fprintf(stderr, "%s ", dent->d_name);
+ width += len;
+ }
+ fputc('\n', stderr);
+ closedir(dirp);
+ }
exit(1);
}
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2008-01-25 5:19 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-01-25 5:18 [PATCH 3/3] exporting capability code/name pairs (try 2nd) Kohei KaiGai
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox