(/usr/bin/git)

Header defining functions to modify capabilities. More...

#include <stdbool.h>
#include <stdint.h>
#include <sys/capability.h>
#include <sys/syscall.h>

Include dependency graph for capabilities.h:

This graph shows which files directly or indirectly include this file:

Functions
int	crinitCapConvertToBitmask (uint64_t bitmask, const char capabilities)

int	crinitCapGetInheritable (pid_t pid, uint64_t *result)

bool	crinitCapIsCapsetEffective (cap_value_t cap, pid_t pid)

int	crinitCapSetAmbient (uint64_t capMask)

int	crinitCapSetInheritable (uint64_t capMask)

int	crinitCapRetainPermitted ()

Detailed Description

Header defining functions to modify capabilities.

Function Documentation

◆ crinitCapConvertToBitmask()

int crinitCapConvertToBitmask	(	uint64_t *	bitmask,
		const char *	capabilities
	)

Convert capability names to integral value and set it in bitmask.

Parameters

bitmask	Bitmask to maintain capability settings.
capabilities	Array of capability names

Returns: 0 if each capability could be converted and set in the bitmask, -1 otherwise.

◆ crinitCapGetInheritable()

int crinitCapGetInheritable	(	pid_t	pid,
		uint64_t *	result
	)

Get a process' inheritable capability set

Parameters

pid	The ID of the process whose capabilities are retrieved.
result	Pointer to result bitmask that holds the inheritable capability set.

Returns: 0 on success, -1 on error

◆ crinitCapIsCapsetEffective()

bool crinitCapIsCapsetEffective	(	cap_value_t	cap,
		pid_t	pid
	)

Test if a capability is set in a process' effective capability set.

Parameters

cap	The capability to test.
pid	The ID of the process whose capabilities are checked.

Returns: true if capability is set, false else

◆ crinitCapRetainPermitted()

int crinitCapRetainPermitted ( )

Configure a process to retain its permitted set of capabilities.

Returns: 0 on success, -1 on error

◆ crinitCapSetAmbient()

int crinitCapSetAmbient ( uint64_t capMask )

Set a process' ambient capability set

Parameters

capMask The capability set encoded as a bitmask

Returns: 0 on success, -1 on error

◆ crinitCapSetInheritable()

int crinitCapSetInheritable ( uint64_t capMask )

Set a process' inheritable capability set

Parameters

capMask The capability set encoded as a bitmask

Returns: 0 on success, -1 on error

(/usr/bin/git)

Functions

Detailed Description

Function Documentation

◆ crinitCapConvertToBitmask()

◆ crinitCapGetInheritable()

◆ crinitCapIsCapsetEffective()

◆ crinitCapRetainPermitted()

◆ crinitCapSetAmbient()

◆ crinitCapSetInheritable()