blob: 61c5b127192369bd8b6e3aa7e79e300aaac4582c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
/*
* Copyright (c) 1997-8,2007 Andrew G Morgan <morgan@kernel.org>
*
* This file deals with setting capabilities on processes.
*/
#include "libcap.h"
cap_t cap_get_proc(void)
{
cap_t result;
/* allocate a new capability set */
result = cap_init();
if (result) {
_cap_debug("getting current process' capabilities");
/* fill the capability sets via a system call */
if (capget(&result->head, &result->u[0].set)) {
cap_free(result);
result = NULL;
}
}
return result;
}
int cap_set_proc(cap_t cap_d)
{
int retval;
if (!good_cap_t(cap_d)) {
errno = EINVAL;
return -1;
}
_cap_debug("setting process capabilities");
retval = capset(&cap_d->head, &cap_d->u[0].set);
return retval;
}
/* the following two functions are not required by POSIX */
/* read the caps on a specific process */
int capgetp(pid_t pid, cap_t cap_d)
{
int error;
if (!good_cap_t(cap_d)) {
errno = EINVAL;
return -1;
}
_cap_debug("getting process capabilities for proc %d", pid);
cap_d->head.pid = pid;
error = capget(&cap_d->head, &cap_d->u[0].set);
cap_d->head.pid = 0;
return error;
}
/* set the caps on a specific process/pg etc.. */
int capsetp(pid_t pid, cap_t cap_d)
{
int error;
if (!good_cap_t(cap_d)) {
errno = EINVAL;
return -1;
}
_cap_debug("setting process capabilities for proc %d", pid);
cap_d->head.pid = pid;
error = capset(&cap_d->head, &cap_d->u[0].set);
cap_d->head.version = _LIBCAP_CAPABILITY_VERSION;
cap_d->head.pid = 0;
return error;
}
|
