lfs
/
lfs-book


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218
							<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
  <!ENTITY % general-entities SYSTEM "../general.ent">
  %general-entities;
]>

<sect1 id="ch-system-libcap" role="wrap">
  <?dbhtml filename="libcap.html"?>

  <sect1info condition="script">
    <productname>libcap</productname>
    <productnumber>&libcap-version;</productnumber>
    <address>&libcap-url;</address>
  </sect1info>

  <title>Libcap-&libcap-version;</title>

  <indexterm zone="ch-system-libcap">
    <primary sortas="a-Libcap">Libcap</primary>
  </indexterm>

  <sect2 role="package">
    <title/>

    <para>The Libcap package implements the user-space interfaces to the POSIX
    1003.1e capabilities available in Linux kernels. These capabilities are a
    partitioning of the all powerful root privilege into a set of distinct
    privileges.</para>

    <segmentedlist>
      <segtitle>&buildtime;</segtitle>
      <segtitle>&diskspace;</segtitle>

      <seglistitem>
        <seg>&libcap-fin-sbu;</seg>
        <seg>&libcap-fin-du;</seg>
      </seglistitem>
    </segmentedlist>

  </sect2>

  <sect2 role="installation">
    <title>Installation of Libcap</title>

    <para>Prevent static libraries from being installed:</para>

<screen><userinput remap="pre">sed -i '/install -m.*STA/d' libcap/Makefile</userinput></screen>

    <para>Compile the package:</para>

<screen><userinput remap="make">make prefix=/usr lib=lib</userinput></screen>

    <variablelist>
      <title>The meaning of the make option:</title>

      <varlistentry>
        <term><parameter>lib=lib</parameter></term>
        <listitem>
          <para>This parameter sets the library directory to
          <filename>/usr/lib</filename> rather than
          <filename>/usr/lib64</filename> on x86_64. It has no effect on
          x86.</para>
        </listitem>
      </varlistentry>
    </variablelist>

    <para>To test the results, issue:</para>

<screen><userinput remap="test">make test</userinput></screen>

    <para>Install the package and make sure the essential libraries are in
    the correct directory:</para>

<screen><userinput remap="install">make prefix=/usr lib=lib install
for libname in cap psx; do
    mv -v /usr/lib/lib${libname}.so.* /lib
    ln -sfv ../../lib/lib${libname}.so.2 /usr/lib/lib${libname}.so
    chmod -v 755 /lib/lib${libname}.so.&libcap-version;
done</userinput></screen>

  </sect2>

  <!-- - - - - - - - - - -->
  <!-- Multilib - 32bit  -->
  <!-- - - - - - - - - - -->
  
  <sect2 arch="ml_32,ml_all" role="installation">
    <title>Installation of Libcap - 32bit</title>

    <para>Clean previous build:</para>

<screen><userinput remap="pre">make distclean</userinput></screen>

    <para>Compile the package:</para>

<screen><userinput remap="make">make CC="gcc -m32 -march=i686"</userinput></screen>

    <para>Install the package:</para>

<screen><userinput remap="install">make lib=lib32 prefix=$PWD/DESTDIR/usr -C libcap install
cp -Rv DESTDIR&usr-lib-m32;/* &usr-lib-m32;
sed -e "s|^libdir=.*|libdir=&usr-lib-m32;|" -i &usr-lib-m32;/pkgconfig/lib{cap,psx}.pc
chmod -v 755 &usr-lib-m32;/libcap.so.&libcap-version;
rm -rf DESTDIR</userinput></screen>

  </sect2><!-- m32 -->

  <!-- - - - - - - - - - -->
  <!-- Multilib - x32bit -->
  <!-- - - - - - - - - - -->
  
  <sect2 arch="ml_x32,ml_all" role="installation">
    <title>Installation of Libcap - x32bit</title>

    <para>Clean previous build:</para>

<screen><userinput remap="pre">make distclean</userinput></screen>

    <para>Compile the package:</para>

<screen><userinput remap="make">make CC="gcc -mx32 -march=x86-64"</userinput></screen>

    <para>Install the package:</para>

<screen><userinput remap="install">make lib=libx32 prefix=$PWD/DESTDIR/usr -C libcap install
cp -Rv DESTDIR&usr-lib-mx32;/* &usr-lib-mx32;
sed -e "s|^libdir=.*|libdir=&usr-lib-mx32;|" -i &usr-lib-mx32;/pkgconfig/lib{cap,psx}.pc
chmod -v 755 &usr-lib-mx32;/libcap.so.&libcap-version;
rm -rf DESTDIR</userinput></screen>

  </sect2><!-- mx32 -->

  <sect2 id="contents-libcap" role="content">
    <title>Contents of Libcap</title>

    <segmentedlist>
      <segtitle>Installed programs</segtitle>
      <segtitle>Installed library</segtitle>

      <seglistitem>
        <seg>capsh, getcap, getpcaps, and setcap</seg>
        <seg>libcap.so and libpsx.so</seg>
      </seglistitem>
    </segmentedlist>

    <variablelist>
      <bridgehead renderas="sect3">Short Descriptions</bridgehead>
      <?dbfo list-presentation="list"?>
      <?dbhtml list-presentation="table"?>

      <varlistentry id="capsh">
        <term><command>capsh</command></term>
        <listitem>
          <para>A shell wrapper to explore and constrain capability support</para>
          <indexterm zone="ch-system-libcap capsh">
            <primary sortas="b-capsh">capsh</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="getcap">
        <term><command>getcap</command></term>
        <listitem>
          <para>Examines file capabilities</para>
          <indexterm zone="ch-system-libcap getcap">
            <primary sortas="b-getcap">getcap</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="getpcaps">
        <term><command>getpcaps</command></term>
        <listitem>
          <para>Displays the capabilities on the queried process(es)</para>
          <indexterm zone="ch-system-libcap getpcaps">
            <primary sortas="b-getpcaps">getpcaps</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="setcap">
        <term><command>setcap</command></term>
        <listitem>
          <para>Sets file capabilities</para>
          <indexterm zone="ch-system-libcap setcap">
            <primary sortas="b-setcap">setcap</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="libcap">
        <term><filename class="libraryfile">libcap</filename></term>
        <listitem>
          <para>Contains the library functions for manipulating POSIX 1003.1e
          capabilities</para>
          <indexterm zone="ch-system-libcap libcap">
            <primary sortas="c-libcap">libcap</primary>
          </indexterm>
        </listitem>
      </varlistentry>

      <varlistentry id="libpsx">
        <term><filename class="libraryfile">libpsx</filename></term>
        <listitem>
          <para>Contains functions to support POSIX semantics for syscalls
          associated with the pthread library</para>
          <indexterm zone="ch-system-libcap libpsx">
            <primary sortas="c-libpsx">libpsx</primary>
          </indexterm>
        </listitem>
      </varlistentry>

    </variablelist>

  </sect2>

</sect1>