demo/
demo.rs

1// Note - You may have to build and run this as root to successfully
2// apply the capability set.
3extern crate capabilities;
4
5use capabilities::{Capability, Capabilities, Flag};
6
7fn main() {
8
9    let mut capability_set = Capabilities::new().unwrap();
10    capability_set.reset_all();
11
12    let flags = [Capability::CAP_CHOWN, Capability::CAP_SETUID, Capability::CAP_SYS_RESOURCE];
13
14    capability_set.update(&flags, Flag::Permitted, true);
15    capability_set.update(&flags, Flag::Effective, true);
16    capability_set.update(&[Capability::CAP_SYS_TIME], Flag::Permitted, true);
17
18    println!("Working set - {}", capability_set);
19
20    match capability_set.apply() {
21        Ok(_) => {
22            let current = Capabilities::from_current_proc().unwrap();
23            println!("Current - {}", current);
24        }
25        Err(e) => {
26            println!("Unable to apply capabilities - {}", e.to_string());
27        }
28    }
29}
demo/demo.rs

demo/
demo.rs
