|
|
@@ -23,10 +23,9 @@
|
|
|
<sect2 role="package">
|
|
|
<title/>
|
|
|
|
|
|
- <para>The Libcap package implements the user-space interfaces to the POSIX
|
|
|
- 1003.1e capabilities available in Linux kernels. These capabilities are a
|
|
|
- partitioning of the all powerful root privilege into a set of distinct
|
|
|
- privileges.</para>
|
|
|
+ <para>Libcap 软件包为 Linux 内核提供的 POSIX 1003.1e
|
|
|
+ 权能字实现用户接口。这些权能字是 root
|
|
|
+ 用户的最高特权分割成的一组不同权限。</para>
|
|
|
|
|
|
<segmentedlist>
|
|
|
<segtitle>&buildtime;</segtitle>
|
|
|
@@ -43,7 +42,7 @@
|
|
|
<sect2 role="installation">
|
|
|
<title>安装Libcap</title>
|
|
|
|
|
|
- <para>Prevent a static library from being installed:</para>
|
|
|
+ <para>防止静态库的安装:</para>
|
|
|
|
|
|
<screen><userinput remap="pre">sed -i '/install.*STALIBNAME/d' libcap/Makefile</userinput></screen>
|
|
|
|
|
|
@@ -59,33 +58,32 @@
|
|
|
chmod -v 755 /usr/lib/libcap.so</userinput></screen>
|
|
|
|
|
|
<variablelist>
|
|
|
- <title>The meaning of the make option:</title>
|
|
|
+ <title>make 命令选项的含义:</title>
|
|
|
|
|
|
<varlistentry>
|
|
|
<term><parameter>RAISE_SETFCAP=no</parameter></term>
|
|
|
<listitem>
|
|
|
- <para>This parameter skips trying to use <command>setcap</command>
|
|
|
- on itself. This avoids an installation error if the kernel or file
|
|
|
- system does not support extended capabilities.</para>
|
|
|
+ <para>该参数跳过对 <command>setcap</command> 使用它本身的步骤。
|
|
|
+ 这可以避免在不支持扩展权能字的内核或文件系统上发生安装错误。
|
|
|
+ </para>
|
|
|
</listitem>
|
|
|
</varlistentry>
|
|
|
|
|
|
<varlistentry>
|
|
|
<term><parameter>lib=lib</parameter></term>
|
|
|
<listitem>
|
|
|
- <para>This parameter installs the library in
|
|
|
- <filename>$prefix/lib</filename> rather than
|
|
|
- <filename>$prefix/lib64</filename> on x86_64. It has no effect on
|
|
|
- x86.</para>
|
|
|
+ <para>在 x86_64 上,该参数将库安装在
|
|
|
+ <filename>$prefix/lib</filename>,而不是
|
|
|
+ <filename>$prefix/lib64</filename>。 它在 x86 上没有作用。</para>
|
|
|
</listitem>
|
|
|
</varlistentry>
|
|
|
|
|
|
</variablelist>
|
|
|
|
|
|
- <para>The shared library needs to be moved to
|
|
|
- <filename class="directory">/lib</filename>, and as a result the
|
|
|
- <filename class="extension">.so</filename> file in
|
|
|
- <filename class="directory">/usr/lib</filename> will need to be recreated:</para>
|
|
|
+ <para>需要把共享库移动到
|
|
|
+ <filename class="directory">/lib</filename>,因此
|
|
|
+ <filename class="directory">/usr/lib</filename> 中的
|
|
|
+ <filename class="extension">.so</filename> 符号链接需要重新建立:</para>
|
|
|
|
|
|
<screen><userinput remap="install">mv -v /usr/lib/libcap.so.* /lib
|
|
|
ln -sfv ../../lib/$(readlink /usr/lib/libcap.so) /usr/lib/libcap.so</userinput></screen>
|
|
|
@@ -100,7 +98,7 @@ ln -sfv ../../lib/$(readlink /usr/lib/libcap.so) /usr/lib/libcap.so</userinput><
|
|
|
<segtitle>安装的库</segtitle>
|
|
|
|
|
|
<seglistitem>
|
|
|
- <seg>capsh, getcap, getpcaps, and setcap</seg>
|
|
|
+ <seg>capsh, getcap, getpcaps, 以及 setcap</seg>
|
|
|
<seg>libcap.so</seg>
|
|
|
</seglistitem>
|
|
|
</segmentedlist>
|
|
|
@@ -113,7 +111,7 @@ ln -sfv ../../lib/$(readlink /usr/lib/libcap.so) /usr/lib/libcap.so</userinput><
|
|
|
<varlistentry id="capsh">
|
|
|
<term><command>capsh</command></term>
|
|
|
<listitem>
|
|
|
- <para>A shell wrapper to explore and constrain capability support</para>
|
|
|
+ <para>一个用于演示和限制 Linux 权能字的 shell 封装器</para>
|
|
|
<indexterm zone="ch-system-libcap capsh">
|
|
|
<primary sortas="b-capsh">capsh</primary>
|
|
|
</indexterm>
|
|
|
@@ -123,7 +121,7 @@ ln -sfv ../../lib/$(readlink /usr/lib/libcap.so) /usr/lib/libcap.so</userinput><
|
|
|
<varlistentry id="getcap">
|
|
|
<term><command>getcap</command></term>
|
|
|
<listitem>
|
|
|
- <para>Examines file capabilities</para>
|
|
|
+ <para>检验文件权能字</para>
|
|
|
<indexterm zone="ch-system-libcap getcap">
|
|
|
<primary sortas="b-getcap">getcap</primary>
|
|
|
</indexterm>
|
|
|
@@ -133,7 +131,7 @@ ln -sfv ../../lib/$(readlink /usr/lib/libcap.so) /usr/lib/libcap.so</userinput><
|
|
|
<varlistentry id="getpcaps">
|
|
|
<term><command>getpcaps</command></term>
|
|
|
<listitem>
|
|
|
- <para>Displays the capabilities on the queried process(es)</para>
|
|
|
+ <para>查询进程的权能字</para>
|
|
|
<indexterm zone="ch-system-libcap getpcaps">
|
|
|
<primary sortas="b-getpcaps">getpcaps</primary>
|
|
|
</indexterm>
|
|
|
@@ -143,7 +141,7 @@ ln -sfv ../../lib/$(readlink /usr/lib/libcap.so) /usr/lib/libcap.so</userinput><
|
|
|
<varlistentry id="setcap">
|
|
|
<term><command>setcap</command></term>
|
|
|
<listitem>
|
|
|
- <para>Sets file capabilities</para>
|
|
|
+ <para>设定文件权能字</para>
|
|
|
<indexterm zone="ch-system-libcap setcap">
|
|
|
<primary sortas="b-setcap">setcap</primary>
|
|
|
</indexterm>
|
|
|
@@ -153,8 +151,7 @@ ln -sfv ../../lib/$(readlink /usr/lib/libcap.so) /usr/lib/libcap.so</userinput><
|
|
|
<varlistentry id="libcap">
|
|
|
<term><filename class="libraryfile">libcap</filename></term>
|
|
|
<listitem>
|
|
|
- <para>Contains the library functions for manipulating POSIX 1003.1e
|
|
|
- capabilities</para>
|
|
|
+ <para>包含操作 POSIX 1003.1e 权能字的库函数</para>
|
|
|
<indexterm zone="ch-system-libcap libcap">
|
|
|
<primary sortas="c-libcap">libcap</primary>
|
|
|
</indexterm>
|
Xi Ruoyao