1CAP_FROM_TEXT(3) Linux Programmer's Manual CAP_FROM_TEXT(3)
2
6 cap_from_text, cap_to_text, cap_to_name, cap_from_name - capability
7 state textual representation translation
8
10 #include <sys/capability.h>
11 cap_t cap_from_text(const char* buf_p );
13 char *cap_to_text(cap_t caps, ssize_t * length_p);
14 int cap_from_name(const char* name , cap_value_t* cap_p);
15 char *cap_to_name(cap_value_t cap);
16 Link with -lcap.
17
19 These functions translate a capability state between an internal repre‐
20 sentation and a textual one. The internal representation is managed by
21 the capability functions in working storage. The textual representation
22 is a structured, human-readable string suitable for display.
23 cap_from_text() allocates and initializes a capability state in working
25 storage. It then sets the contents of this newly created capability
26 state to the state represented by a human-readable, nul-terminated
27 character string pointed to by buf_p. It returns a pointer to the
28 newly created capability state. When the capability state in working
29 storage is no longer required, the caller should free any releasable
30 memory by calling cap_free() with cap_t as an argument. The function
31 returns an error if it cannot parse the contents of the string pointed
32 to by buf_p or does not recognize any capability_name or flag character
33 as valid. The function also returns an error if any flag is both set
34 and cleared within a single clause.
35 cap_to_text() converts the capability state in working storage identi‐
37 fied by cap_p into a nul-terminated human-readable string. This func‐
38 tion allocates any memory necessary to contain the string, and returns
39 a pointer to the string. If the pointer len_p is not NULL, the func‐
40 tion shall also return the full length of the string (not including the
41 nul terminator) in the location pointed to by len_p. The capability
42 state in working storage, identified by cap_p, is completely repre‐
43 sented in the character string. When the capability state in working
44 storage is no longer required, the caller should free any releasable
45 memory by calling cap_free() with the returned string pointer as an
46 argument.
47 cap_from_name() converts a text representation of a capability, such as
49 "cap_chown", to its numerical representation (CAP_CHOWN=0), writing the
50 decoded value into *cap_p. If cap_p is NULL no result is written, but
51 the return code of the function indicates whether or not the specified
52 capability can be represented by the library.
53 cap_to_name() converts a capability index value, cap, to a libcap-allo‐
55 cated textual string. This string should be deallocated with
56 cap_free().
57
59 A textual representation of capability sets consists of one or more
60 whitespace-separated clauses. Each clause specifies some operations on
61 a capability set; the set starts out with all capabilities lowered, and
62 the meaning of the string is the state of the capability set after all
63 the clauses have been applied in order.
64 Each clause consists of a list of comma-separated capability names (or
66 the word `all'), followed by an action-list. An action-list consists
67 of a sequence of operator flag pairs. Legal operators are: `=', '+',
68 and `-'. Legal flags are: `e', `i', and `p'. These flags are case-
69 sensitive and specify the Effective, Inheritable and Permitted sets
70 respectively.
71 In the capability name lists, all names are case-insensitive. The spe‐
73 cial name `all' specifies all capabilities; it is equivalent to a list
74 naming every capability individually.
75 Unnamed capabilities can also be specified by number. This feature
77 ensures that libcap can support capabilities that were not allocated at
78 the time libcap was compiled. However, generally upgrading libcap will
79 add names for recently allocated capabilities.
80 The `=' operator indicates that the listed capabilities are first reset
82 in all three capability sets. The subsequent flags (which are optional
83 when associated with this operator) indicate that the listed capabili‐
84 ties for the corresponding set are to be raised. For example: "all=p"
85 means lower every capability in the Effective and Inheritable sets but
86 raise all of the Permitted capabilities; or, "cap_fowner=ep" means
87 raise the Effective and Permitted override-file-ownership capability,
88 while lowering this Inheritable capability.
89 In the case that the leading operator is `=', and no list of capabili‐
91 ties is provided, the action-list is assumed to refer to `all' capabil‐
92 ities. For example, the following three clauses are equivalent to each
93 other (and indicate a completely empty capability set): "all="; "=";
94 "cap_chown,<every-other-capability>=".
95 The operators, `+' and `-' both require an explicit preceding capabil‐
97 ity list and one or more explicit trailing flags. The `+' operator
98 will raise all of the listed capabilities in the flagged capability
99 sets. The `-' operator will lower all of the listed capabilities in
100 the flagged capability sets. For example: "all+p" will raise all of
101 the Permitted capabilities and "cap_fowner-i" will lower the override-
102 file-ownership in the Inheritable set.
103 The action list can consist of multiple operator flag pairs; the
105 actions are performed in left-to-right order. Thus, for example,
106 "cap_fowner+p-i" is equivalent to "cap_fowner+p cap_fowner-i". As
107 another example, "cap_fowner+pe-i" and "cap_fowner=+pe" are equivalent.
108
110 cap_from_text(), cap_to_text() and cap_to_name() return a non-NULL
111 value on success, and NULL on failure. cap_from_name() returns 0 for
112 success, and -1 on failure (unknown capability).
113 On failure, errno is set to EINVAL, or ENOMEM.
115
117 cap_from_text() and cap_to_text() are specified by the withdrawn
118 POSIX.1e draft specification. cap_from_name() and cap_to_name() are
119 Linux extensions.
120
122 The example program below demonstrates the use of cap_from_text() and
123 cap_to_text(). The following shell session shows some example runs:
124 $ ./a.out "cap_chown=p cap_chown+e"
126 caps_to_text() returned "cap_chown=ep"
127 $ ./a.out "all=pe cap_chown-e cap_kill-pe"
128 caps_to_text() returned "=ep cap_chown-e cap_kill-ep"
129 The source code of the program is as follows:
131 #include <stdlib.h>
133 #include <stdio.h>
134 #include <sys/capability.h>
135 #define handle_error(msg) \
137 do { perror(msg); exit(EXIT_FAILURE); } while (0)
138 int
140 main(int argc, char *argv[])
141 {
142 cap_t caps;
143 char *txt_caps;
144 if (argc != 2) {
146 fprintf(stderr, "%s <textual-cap-set>\n", argv[0]);
147 exit(EXIT_FAILURE);
148 }
149 caps = cap_from_text(argv[1]);
151 if (caps == NULL)
152 handle_error("cap_from_text");
153 txt_caps = cap_to_text(caps, NULL);
155 if (txt_caps == NULL)
156 handle_error("cap_to_text");
157 printf("caps_to_text() returned \"%s\"\n", txt_caps);
159 if (cap_free(txt_caps) != 0 || cap_free(caps) != 0)
161 handle_error("cap_free");
162 exit(EXIT_SUCCESS);
164 }
165
167 libcap(3), cap_clear(3), cap_copy_ext(3), cap_get_file(3),
168 cap_get_proc(3), cap_init(3), capabilities(7)
169 2008-05-10 CAP_FROM_TEXT(3)