CAP_GET_FD(3C) CAP_GET_FD(3C)
cap_get_fd, cap_set_fd - get or set the capabilities for an open file
#include <sys/capability.h>
cap_t cap_get_fd(int fd);
int cap_set_fd(int fd, cap_t cap);
cap_get_fd returns a pointer to an allocated cap_t associated with the
open file referred to by fd. If there is no capability set associated
with the file, cap_get_fd returns a NULL pointer and sets errno to
ENOATTR.
cap_set_fd sets the capabilities for the open file referred to by fd from
the cap_t cap. For this function to succeed, the process calling it must
have the CAP_SETFCAP capability enabled and either the effective user ID
of the process must match the file owner or the calling process must have
the effective CAP_FOWNER capability flag set. In addition, if _POSIX_MAC
is defined, then the process must have MAC write access to the file.
cap_get_fd returns a pointer to an allocated cap_t if successful, NULL
otherwise. The storage should be freed with a call to cap_free with the
returned pointer as an argument when it is no longer needed.
cap_set_fd returns 0 if successful, -1 otherwise.
cap_get_fd:
ENOATTR There is no capability set associated with the file.
EACCESS Access to the object is denied.
EBADF fd is not a valid file descriptor.
ENOMEM allocation of the cap_t failed.
ENOSYS Capability support is not available (not installed).
cap_set_fd:
EACCESS Access to the object is denied.
EBADF fd is not a valid file descriptor.
EINVAL cap is not valid
Page 1
CAP_GET_FD(3C) CAP_GET_FD(3C)
ENOSYS Capability support is not available (not installed).
EPERM The process does not have appropriate privilege or does
not meet other restrictions imposed by the implementation
to perform the operation.
EROFS fd refers to a file on a read only file system.
capabilities(4)
P�P�P�Pa�a�a�ag�g�g�ge�e�e�e 2�2�2�2 [ Back ]
|
