Library for Capabilities (linux-privs) Support
Capabilities are a measure to limit the omnipotence of the superuser.
Currently a program started by root or setuid root has the power to do
anything. Capabilities (Linux-Privs) provide a more fine-grained access
control. Without kernel patches, you can use this library to drop
capabilities within setuid binaries. If you use patches, this can be
done automatically by the kernel.
- Developed at Base:System
- Sources inherited from project openSUSE:Factory
-
6
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout openSUSE:Factory:zSystems/libcap && cd $_
- Create Badge
Refresh
Refresh
Source Files
Filename | Size | Changed |
---|---|---|
baselibs.conf | 0000000016 16 Bytes | |
libcap-2.66.tar.sign | 0000000833 833 Bytes | |
libcap-2.66.tar.xz | 0000181592 177 KB | |
libcap.changes | 0000023139 22.6 KB | |
libcap.keyring | 0000015396 15 KB | |
libcap.spec | 0000004717 4.61 KB |
Revision 55 (latest revision is 60)
Dominique Leuenberger (dimstar_suse)
accepted
request 1007104
from
Dirk Mueller (dirkmueller)
(revision 55)
- update to 2.66: * Fix documentation typos in cap_from_text.3 * Some getpcaps code clean up and a fix for PID argument parsing from Jakub Wilk. * Slightly more robust Makefiles to address an error with make -j48 test observed * Include a simple Go program, captrace, to trace kernel capability validation checks * This program can be used to figure out what capabilities a program needs to operate. * captrace (a wrapper for bpftrace) uses BPF kprobes to monitor the kernel for capability checks and whether or not they succeed for the system, a specific PID or a program's direct execution. * Trim down the default file capabilities for contrib/sucap/su to those actually needed and set USER and HOME environment variables so bash doesn't complain about a sourcing error.
Comments 1
This library is problematic on current openSUSE TW, it doesn't install and when I try to build from rpm source:
Checking for unpackaged file(s): /usr/lib/rpm/check-files /home/ilgaz/rpmbuild/BUILDROOT/libcap-2.64-84.121.x86_64 error: Installed (but unpackaged) file(s) found: /usr/lib64/security/pam_cap.so
RPM build errors: Installed (but unpackaged) file(s) found: /usr/lib64/security/pam_cap.so