List: busybox
Subject: [PATCH 6/9] setpriv: dump capability bounding set
From: Patrick Steinhardt <ps () pks ! im>
Date: 2017-06-29 17:34:33
Message-ID: 62ed5514f00bd83219efca059e8cc5744995a2a9.1498757023.git.ps () pks ! im
As with the previous commit, this one implements the ability to dump the
capability bounding set.
---
util-linux/setpriv.c | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
diff --git a/util-linux/setpriv.c b/util-linux/setpriv.c
index 673943654..644dbdd51 100644
--- a/util-linux/setpriv.c
+++ b/util-linux/setpriv.c
@@ -51,6 +51,10 @@
#include <unistd.h>
#include "libbb.h"
+#ifndef PR_CAPBSET_READ
+#define PR_CAPBSET_READ 23
+#endif
+
#ifndef PR_SET_NO_NEW_PRIVS
#define PR_SET_NO_NEW_PRIVS 38
#endif
@@ -209,6 +213,23 @@ static int dump(void)
printf("[none]");
putchar('\n');
+ printf("Capability bounding set: ");
+ for (n = 0, i = 0; cap_valid(i); i++) {
+ int ret = prctl(PR_CAPBSET_READ, (unsigned long) i, 0UL, 0UL, 0UL);
+ if (ret < 0)
+ bb_simple_perror_msg_and_die("prctl: CAPBSET_READ");
+
+ if (ret) {
+ if (n)
+ putchar(',');
+ printcap(i);
+ n++;
+ }
+ }
+ if (!n)
+ printf("[none]");
+ putchar('\n');
+
free(gids);
free(caps);
return 0;
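Review bot: In the new bounding-set loop, every negative return from `prctl(PR_CAPBSET_READ, ...)` is fatal. The loop bound `cap_valid(i)` is presumably fixed by the build-time capability headers rather than by the running kernel. If so, a binary built against newer headers would abort the dump on an older kernel once it reaches a capability number that kernel rejects, leaving a partial "Capability bounding set: " line with no newline. In the opposite direction, capabilities the kernel has above the build-time maximum would be left out of the report, which understates the bounding set for anyone auditing a sandbox. Consider stopping on the kernel's "unknown capability" error with `if (ret < 0 && errno == EINVAL) break;` ahead of the `bb_simple_perror_msg_and_die` call, and add a comment that the upper bound comes from the headers. `dump()` starts outside this hunk, so the declarations of `n` and `i` are not visible here.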
--
2.13.2
_______________________________________________
busybox mailing list
busybox@busybox.net
http://lists.busybox.net/mailman/listinfo/busybox