Enum LinuxCapability 

#[non_exhaustive]
pub enum LinuxCapability {
    Chown,
    DacOverride,
    DacReadSearch,
    FOwner,
    FSetId,
    Kill,
    SetGid,
    SetUid,
    SetPCap,
    NetBindService,
    NetRaw,
    NetAdmin,
    SysChroot,
    SysPtrace,
    SysAdmin,
    SysBoot,
    SysNice,
    SysResource,
    SysTime,
    MkNod,
    AuditWrite,
    AuditControl,
    SetFCap,
}

Linux process capability.

Covers the most commonly used capabilities.

Variants (Non-exhaustive)

Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

Chown

CAP_CHOWN: Make arbitrary changes to file UIDs and GIDs

DacOverride

CAP_DAC_OVERRIDE: Bypass file read, write, and execute permission checks

DacReadSearch

CAP_DAC_READ_SEARCH: Bypass file read permission checks and directory read/execute checks

FOwner

CAP_FOWNER: Bypass permission checks on operations that normally require the filesystem UID

FSetId

CAP_FSETID: Don’t clear set-user-ID and set-group-ID mode bits

Kill

CAP_KILL: Bypass permission checks for sending signals

SetGid

CAP_SETGID: Make arbitrary manipulations of process GIDs and supplementary GID list

SetUid

CAP_SETUID: Make arbitrary manipulations of process UIDs

SetPCap

CAP_SETPCAP: Modify process capabilities

NetBindService

CAP_NET_BIND_SERVICE: Bind a socket to privileged ports (port numbers less than 1024)

NetRaw

CAP_NET_RAW: Use RAW and PACKET sockets; bind to any address for transparent proxying

NetAdmin

CAP_NET_ADMIN: Perform various network-related operations

SysChroot

CAP_SYS_CHROOT: Use chroot()

SysPtrace

CAP_SYS_PTRACE: Trace arbitrary processes using ptrace()

SysAdmin

CAP_SYS_ADMIN: Perform a range of system administration operations

SysBoot

CAP_SYS_BOOT: Use reboot() and kexec_load()

SysNice

CAP_SYS_NICE: Raise process nice value and change the nice value for arbitrary processes

SysResource

CAP_SYS_RESOURCE: Override resource limits

SysTime

CAP_SYS_TIME: Set system clock; set real-time (hardware) clock

MkNod

CAP_MKNOD: Create special files using mknod()

AuditWrite

CAP_AUDIT_WRITE: Write records to kernel auditing log

AuditControl

CAP_AUDIT_CONTROL: Enable and disable kernel auditing

SetFCap

CAP_SETFCAP: Set file capabilities

Implementations

impl LinuxCapability

pub fn name(self) -> &'static str

Kernel-style capability name (e.g. "NET_ADMIN", "SYS_PTRACE").

Trait Implementations

impl Clone for LinuxCapability

fn clone(&self) -> LinuxCapability

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for LinuxCapability

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Hash for LinuxCapability

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl PartialEq for LinuxCapability

fn eq(&self, other: &LinuxCapability) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Copy for LinuxCapability

impl Eq for LinuxCapability

impl StructuralPartialEq for LinuxCapability