Expand description
A pure-Rust library to work with Linux capabilities.
It provides support for manipulating capabilities available on modern Linux kernels. It supports traditional POSIX sets (Effective, Inheritable, Permitted) as well as Linux-specific Ambient and Bounding capabilities sets.
type ExResult<T> = Result<T, Box<dyn std::error::Error + 'static>>;
fn manipulate_caps() -> ExResult<()> {
use caps::{Capability, CapSet};
if caps::has_cap(None, CapSet::Permitted, Capability::CAP_SYS_NICE)? {
caps::drop(None, CapSet::Effective, Capability::CAP_SYS_NICE)?;
let effective = caps::read(None, CapSet::Effective)?;
assert_eq!(effective.contains(&Capability::CAP_SYS_NICE), false);
caps::clear(None, CapSet::Effective)?;
let cleared = caps::read(None, CapSet::Effective)?;
assert_eq!(cleared.is_empty(), true);
};
Ok(())
}
!
Modules
Error handling.
Detect kernel features at runtime.
Manipulate securebits flags
Enums
Linux capabilities sets.
Linux capabilities.
Functions
Return the set of all capabilities supported by this library.
Clear all capabilities in a set for a thread.
Drop a single capability from a set for a thread.
Check if a thread contains a capability in a set.
Raise a single capability in a set for a thread.
Return all capabilities in a set for a thread.
Set a capability set for a thread to a new value.
Convert an informal capability name into a canonical form.
Type Definitions
An HashSet
specialized on Capability
.