Struct capctl::caps::FileCaps

#[non_exhaustive]pub struct FileCaps {
    pub effective: bool,
    pub permitted: CapSet,
    pub inheritable: CapSet,
    pub rootid: Option<uid_t>,
}

Represents the capabilities attached to a file.

Fields (Non-exhaustive)

Non-exhaustive structs could have additional fields added in future. Therefore, non-exhaustive structs cannot be constructed in external crates using the traditional Struct { .. } syntax; cannot be matched against without a wildcard ..; and struct update syntax will not work.

effective: bool

The "effective" bit. If this is set on a file, then during an execve() the kernel will raise all the capabilities from the file's permitted set in the process's new effective capability set.

permitted: CapSet

The permitted capability set. These capabilities are automatically added to the process's new permitted capability set.

inheritable: CapSet

The inheritable capability set. These capabilities are automatically added to the process's new inheritable capability set.

rootid: Option<uid_t>

The root user ID of the user namespace in which file capabilities were added to this file. See capabilities(7) for more details. This is only set to a non-None value for version 3 file capabilities.

Implementations

impl FileCaps

pub fn empty() -> Self

Construct an empty FileCaps object.

pub fn get_for_file<P: AsRef<OsStr>>(path: P) -> Result<Option<Self>>

Get the file capabilities attached to the file identified by path.

If an error occurs while retrieving information on the capabilities from the given file, this method returns Err(<error>). Otherwise, if the given file has no file capabilities attached, this method returns Ok(None). Otherwise, this method returns Ok(Some(<capabilities>)).

pub fn get_for_fd(fd: RawFd) -> Result<Option<Self>>

Get the file capabilities attached to the open file identified by the file descriptor fd.

See get_for_file() for more information.

pub fn unpack_attrs(attrs: &[u8]) -> Result<Self>

From the raw data from the security.capability extended attribute of a file, construct a new FileCaps object representing the same data.

Most users should call get_for_file() or get_for_fd(); those methods call this method internally.

Trait Implementations

impl Clone for FileCaps

fn clone(&self) -> FileCaps

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Copy for FileCaps

impl Debug for FileCaps

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Eq for FileCaps

impl Hash for FileCaps

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H) where
    H: Hasher, 

Feeds a slice of this type into the given Hasher.

impl PartialEq<FileCaps> for FileCaps

fn eq(&self, other: &FileCaps) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &FileCaps) -> bool

This method tests for !=.

impl StructuralEq for FileCaps

impl StructuralPartialEq for FileCaps