Struct rustix::thread::CapabilitiesSecureBits

pub struct CapabilitiesSecureBits { /* private fields */ }

Available on crate feature thread only.

SECBIT_*.

Implementations

impl CapabilitiesSecureBits

pub const NO_ROOT: Self = _

If this bit is set, then the kernel does not grant capabilities when a set-user-ID-root program is executed, or when a process with an effective or real UID of 0 calls execve.

pub const NO_ROOT_LOCKED: Self = _

Set [NO_ROOT] irreversibly.

pub const NO_SETUID_FIXUP: Self = _

Setting this flag stops the kernel from adjusting the process’s permitted, effective, and ambient capability sets when the thread’s effective and filesystem UIDs are switched between zero and nonzero values.

pub const NO_SETUID_FIXUP_LOCKED: Self = _

Set [NO_SETUID_FIXUP] irreversibly.

pub const KEEP_CAPS: Self = _

Setting this flag allows a thread that has one or more 0 UIDs to retain capabilities in its permitted set when it switches all of its UIDs to nonzero values.

pub const KEEP_CAPS_LOCKED: Self = _

Set [KEEP_CAPS] irreversibly.

pub const NO_CAP_AMBIENT_RAISE: Self = _

Setting this flag disallows raising ambient capabilities via the prctl’s PR_CAP_AMBIENT_RAISE operation.

pub const NO_CAP_AMBIENT_RAISE_LOCKED: Self = _

Set [NO_CAP_AMBIENT_RAISE] irreversibly.

pub const fn empty() -> Self

Returns an empty set of flags.

pub const fn all() -> Self

Returns the set containing all flags.

pub const fn bits(&self) -> u32

Returns the raw value of the flags currently stored.

pub const fn from_bits(bits: u32) -> Option<Self>

Convert from underlying bit representation, unless that representation contains bits that do not correspond to a flag.

pub const fn from_bits_truncate(bits: u32) -> Self

Convert from underlying bit representation, dropping any bits that do not correspond to flags.

pub const unsafe fn from_bits_unchecked(bits: u32) -> Self

Convert from underlying bit representation, preserving all bits (even those not corresponding to a defined flag).

Safety

The caller of the bitflags! macro can chose to allow or disallow extra bits for their bitflags type.

The caller of from_bits_unchecked() has to ensure that all bits correspond to a defined flag or that extra bits are valid for this bitflags type.

pub const fn is_empty(&self) -> bool

Returns true if no flags are currently stored.

pub const fn is_all(&self) -> bool

Returns true if all flags are currently set.

pub const fn intersects(&self, other: Self) -> bool

Returns true if there are flags common to both self and other.

pub const fn contains(&self, other: Self) -> bool

Returns true if all of the flags in other are contained within self.

pub fn insert(&mut self, other: Self)

Inserts the specified flags in-place.

pub fn remove(&mut self, other: Self)

Removes the specified flags in-place.

pub fn toggle(&mut self, other: Self)

Toggles the specified flags in-place.

pub fn set(&mut self, other: Self, value: bool)

Inserts or removes the specified flags depending on the passed value.

pub const fn intersection(self, other: Self) -> Self

Returns the intersection between the flags in self and other.

Specifically, the returned set contains only the flags which are present in both self and other.

This is equivalent to using the & operator (e.g. ops::BitAnd), as in flags & other.

pub const fn union(self, other: Self) -> Self

Returns the union of between the flags in self and other.

Specifically, the returned set contains all flags which are present in either self or other, including any which are present in both (see Self::symmetric_difference if that is undesirable).

This is equivalent to using the | operator (e.g. ops::BitOr), as in flags | other.

pub const fn difference(self, other: Self) -> Self

Returns the difference between the flags in self and other.

Specifically, the returned set contains all flags present in self, except for the ones present in other.

It is also conceptually equivalent to the “bit-clear” operation: flags & !other (and this syntax is also supported).

This is equivalent to using the - operator (e.g. ops::Sub), as in flags - other.

pub const fn symmetric_difference(self, other: Self) -> Self

Returns the symmetric difference between the flags in self and other.

Specifically, the returned set contains the flags present which are present in self or other, but that are not present in both. Equivalently, it contains the flags present in exactly one of the sets self and other.

This is equivalent to using the ^ operator (e.g. ops::BitXor), as in flags ^ other.

pub const fn complement(self) -> Self

Returns the complement of this set of flags.

Specifically, the returned set contains all the flags which are not set in self, but which are allowed for this type.

Alternatively, it can be thought of as the set difference between Self::all() and self (e.g. Self::all() - self)

This is equivalent to using the ! operator (e.g. ops::Not), as in !flags.

Trait Implementations

impl Binary for CapabilitiesSecureBits

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl BitAnd<CapabilitiesSecureBits> for CapabilitiesSecureBits

fn bitand(self, other: Self) -> Self

Returns the intersection between the two sets of flags.

type Output = CapabilitiesSecureBits

The resulting type after applying the & operator.

impl BitAndAssign<CapabilitiesSecureBits> for CapabilitiesSecureBits

fn bitand_assign(&mut self, other: Self)

Disables all flags disabled in the set.

impl BitOr<CapabilitiesSecureBits> for CapabilitiesSecureBits

fn bitor(self, other: CapabilitiesSecureBits) -> Self

Returns the union of the two sets of flags.

type Output = CapabilitiesSecureBits

The resulting type after applying the | operator.

impl BitOrAssign<CapabilitiesSecureBits> for CapabilitiesSecureBits

fn bitor_assign(&mut self, other: Self)

Adds the set of flags.

impl BitXor<CapabilitiesSecureBits> for CapabilitiesSecureBits

fn bitxor(self, other: Self) -> Self

Returns the left flags, but with all the right flags toggled.

type Output = CapabilitiesSecureBits

The resulting type after applying the ^ operator.

impl BitXorAssign<CapabilitiesSecureBits> for CapabilitiesSecureBits

fn bitxor_assign(&mut self, other: Self)

Toggles the set of flags.

impl Clone for CapabilitiesSecureBits

fn clone(&self) -> CapabilitiesSecureBits

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for CapabilitiesSecureBits

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Extend<CapabilitiesSecureBits> for CapabilitiesSecureBits

fn extend<T: IntoIterator<Item = Self>>(&mut self, iterator: T)

Extends a collection with the contents of an iterator.

fn extend_one(&mut self, item: A)

🔬This is a nightly-only experimental API. (extend_one)

Extends a collection with exactly one element.

fn extend_reserve(&mut self, additional: usize)

🔬This is a nightly-only experimental API. (extend_one)

Reserves capacity in a collection for the given number of additional elements.

impl FromIterator<CapabilitiesSecureBits> for CapabilitiesSecureBits

fn from_iter<T: IntoIterator<Item = Self>>(iterator: T) -> Self

Creates a value from an iterator.

impl Hash for CapabilitiesSecureBits

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)where
H: Hasher,
Self: Sized,

Feeds a slice of this type into the given Hasher.

impl LowerHex for CapabilitiesSecureBits

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Not for CapabilitiesSecureBits

fn not(self) -> Self

Returns the complement of this set of flags.

type Output = CapabilitiesSecureBits

The resulting type after applying the ! operator.

impl Octal for CapabilitiesSecureBits

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Ord for CapabilitiesSecureBits

fn cmp(&self, other: &CapabilitiesSecureBits) -> Ordering

This method returns an Ordering between self and other.

fn max(self, other: Self) -> Selfwhere
Self: Sized,

Compares and returns the maximum of two values.

fn min(self, other: Self) -> Selfwhere
Self: Sized,

Compares and returns the minimum of two values.

fn clamp(self, min: Self, max: Self) -> Selfwhere
Self: Sized + PartialOrd<Self>,

Restrict a value to a certain interval.

impl PartialEq<CapabilitiesSecureBits> for CapabilitiesSecureBits

fn eq(&self, other: &CapabilitiesSecureBits) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl PartialOrd<CapabilitiesSecureBits> for CapabilitiesSecureBits

fn partial_cmp(&self, other: &CapabilitiesSecureBits) -> Option<Ordering>

This method returns an ordering between self and other values if one exists.

fn lt(&self, other: &Rhs) -> bool

This method tests less than (for self and other) and is used by the < operator.

fn le(&self, other: &Rhs) -> bool

This method tests less than or equal to (for self and other) and is used by the <= operator.

fn gt(&self, other: &Rhs) -> bool

This method tests greater than (for self and other) and is used by the > operator.

fn ge(&self, other: &Rhs) -> bool

This method tests greater than or equal to (for self and other) and is used by the >= operator.

impl Sub<CapabilitiesSecureBits> for CapabilitiesSecureBits

fn sub(self, other: Self) -> Self

Returns the set difference of the two sets of flags.

type Output = CapabilitiesSecureBits

The resulting type after applying the - operator.

impl SubAssign<CapabilitiesSecureBits> for CapabilitiesSecureBits

fn sub_assign(&mut self, other: Self)

Disables all flags enabled in the set.

impl UpperHex for CapabilitiesSecureBits

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Copy for CapabilitiesSecureBits

impl Eq for CapabilitiesSecureBits

impl StructuralEq for CapabilitiesSecureBits

impl StructuralPartialEq for CapabilitiesSecureBits