Crate caps [] [src]

A pure-Rust library to work with Linux capabilities.

It provides support for manipulating capabilities available in modern Linux kernel. It supports traditional POSIX sets (Effective, Inheritable, Permitted) as well as Linux-specific Ambient and Bounding capabilities sets.

use caps::{Capability, CapSet};

fn manipulate_caps() {
    if caps::has_cap(None, CapSet::Permitted, Capability::CAP_SYS_NICE).unwrap() {
        caps::drop(None, CapSet::Effective, Capability::CAP_SYS_NICE).unwrap();
        let s = caps::read(None, CapSet::Effective).unwrap();
        assert_eq!(s.contains(&Capability::CAP_SYS_NICE), false);
        caps::clear(None, CapSet::Effective).unwrap();
    };
}

Modules

errors

Error handling.

runtime

Detect kernel features at runtime.

Enums

CapSet

Linux capabilities sets.

Capability

Linux capabilities.

Functions

all

Return an HashSet with all known capabilities.

clear

Clear all capabilities in a set for a thread.

drop

Drop a single capability from a set for a thread.

has_cap

Check if a thread contains a capability in a set.

raise

Raise a single capability in a set for a thread.

read

Return all capabilities in a set for a thread.

set

Set a capability set for a thread to a new value.

to_canonical

Convert an informal capability name into a canonical form.

Type Definitions

CapsHashSet

An HashSet specialized on Capability.