1
0

libcap.xml 5.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169
  1. <?xml version="1.0" encoding="ISO-8859-1"?>
  2. <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
  3. "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
  4. <!ENTITY % general-entities SYSTEM "../general.ent">
  5. %general-entities;
  6. ]>
  7. <sect1 id="ch-system-libcap" role="wrap">
  8. <?dbhtml filename="libcap.html"?>
  9. <sect1info condition="script">
  10. <productname>libcap</productname>
  11. <productnumber>&libcap-version;</productnumber>
  12. <address>&libcap-url;</address>
  13. </sect1info>
  14. <title>Libcap-&libcap-version;</title>
  15. <indexterm zone="ch-system-libcap">
  16. <primary sortas="a-Libcap">Libcap</primary>
  17. </indexterm>
  18. <sect2 role="package">
  19. <title/>
  20. <para>The Libcap package implements the user-space interfaces to the POSIX
  21. 1003.1e capabilities available in Linux kernels. These capabilities are a
  22. partitioning of the all powerful root privilege into a set of distinct
  23. privileges.</para>
  24. <segmentedlist>
  25. <segtitle>&buildtime;</segtitle>
  26. <segtitle>&diskspace;</segtitle>
  27. <seglistitem>
  28. <seg>&libcap-ch6-sbu;</seg>
  29. <seg>&libcap-ch6-du;</seg>
  30. </seglistitem>
  31. </segmentedlist>
  32. </sect2>
  33. <sect2 role="installation">
  34. <title>Installation of Libcap</title>
  35. <para>Prevent a static library from being installed:</para>
  36. <screen><userinput remap="pre">sed -i '/install.*STALIBNAME/d' libcap/Makefile</userinput></screen>
  37. <para>Compile the package:</para>
  38. <screen><userinput remap="make">make</userinput></screen>
  39. <para>This package does not come with a test suite.</para>
  40. <para>Install the package:</para>
  41. <screen><userinput remap="install">make RAISE_SETFCAP=no lib=lib prefix=/usr install
  42. chmod -v 755 /usr/lib/libcap.so</userinput></screen>
  43. <variablelist>
  44. <title>The meaning of the make option:</title>
  45. <varlistentry>
  46. <term><parameter>RAISE_SETFCAP=no</parameter></term>
  47. <listitem>
  48. <para>This parameter skips trying to use <command>setcap</command>
  49. on itself. This avoids an installation error if the kernel or file
  50. system does not support extended capabilities.</para>
  51. </listitem>
  52. </varlistentry>
  53. <varlistentry>
  54. <term><parameter>lib=lib</parameter></term>
  55. <listitem>
  56. <para>This parameter installs the library in
  57. <filename>$prefix/lib</filename> rather than
  58. <filename>$prefix/lib64</filename> on x86_64. It has no effect on
  59. x86.</para>
  60. </listitem>
  61. </varlistentry>
  62. </variablelist>
  63. <para>The shared library needs to be moved to
  64. <filename class="directory">/lib</filename>, and as a result the
  65. <filename class="extension">.so</filename> file in
  66. <filename class="directory">/usr/lib</filename> will need to be recreated:</para>
  67. <screen><userinput remap="install">mv -v /usr/lib/libcap.so.* /lib
  68. ln -sfv ../../lib/$(readlink /usr/lib/libcap.so) /usr/lib/libcap.so</userinput></screen>
  69. </sect2>
  70. <sect2 id="contents-libcap" role="content">
  71. <title>Contents of Libcap</title>
  72. <segmentedlist>
  73. <segtitle>Installed programs</segtitle>
  74. <segtitle>Installed library</segtitle>
  75. <seglistitem>
  76. <seg>capsh, getcap, getpcaps, and setcap</seg>
  77. <seg>libcap.so</seg>
  78. </seglistitem>
  79. </segmentedlist>
  80. <variablelist>
  81. <bridgehead renderas="sect3">Short Descriptions</bridgehead>
  82. <?dbfo list-presentation="list"?>
  83. <?dbhtml list-presentation="table"?>
  84. <varlistentry id="capsh">
  85. <term><command>capsh</command></term>
  86. <listitem>
  87. <para>A shell wrapper to explore and constrain capability support</para>
  88. <indexterm zone="ch-system-libcap capsh">
  89. <primary sortas="b-capsh">capsh</primary>
  90. </indexterm>
  91. </listitem>
  92. </varlistentry>
  93. <varlistentry id="getcap">
  94. <term><command>getcap</command></term>
  95. <listitem>
  96. <para>Examines file capabilities</para>
  97. <indexterm zone="ch-system-libcap getcap">
  98. <primary sortas="b-getcap">getcap</primary>
  99. </indexterm>
  100. </listitem>
  101. </varlistentry>
  102. <varlistentry id="getpcaps">
  103. <term><command>getpcaps</command></term>
  104. <listitem>
  105. <para>Displays the capabilities on the queried process(es)</para>
  106. <indexterm zone="ch-system-libcap getpcaps">
  107. <primary sortas="b-getpcaps">getpcaps</primary>
  108. </indexterm>
  109. </listitem>
  110. </varlistentry>
  111. <varlistentry id="libcap">
  112. <term><filename class="libraryfile">libcap</filename></term>
  113. <listitem>
  114. <para>Contains the library functions for manipulating POSIX 1003.1e
  115. capabilities</para>
  116. <indexterm zone="ch-system-libcap libcap">
  117. <primary sortas="c-libcap">libcap</primary>
  118. </indexterm>
  119. </listitem>
  120. </varlistentry>
  121. <varlistentry id="setcap">
  122. <term><command>setcap</command></term>
  123. <listitem>
  124. <para>Sets file capabilities</para>
  125. <indexterm zone="ch-system-libcap setcap">
  126. <primary sortas="b-setcap">setcap</primary>
  127. </indexterm>
  128. </listitem>
  129. </varlistentry>
  130. </variablelist>
  131. </sect2>
  132. </sect1>