Lines Matching defs:capabilities
201 // Setting linux capabilities (permitted, effective and inheritable) for the current process.
202 // Permitted set indicates the capabilities what could be set for the process.
204 // Inheritable set indicates the capabilities what the children will inherit from the current process.
208 cap_t capabilities = cap_init();
209 if (!capabilities) {
210 fprintf(stderr, "Failed to initialize process capabilities: %s.\n", strerror(errno));
214 if (cap_clear(capabilities) == -1) {
215 fprintf(stderr, "Failed to clear process capabilities: %s.\n", strerror(errno));
220 if (cap_set_flag(capabilities, CAP_EFFECTIVE, length, capabilityList, CAP_SET) == -1
221 || cap_set_flag(capabilities, CAP_INHERITABLE, length, capabilityList, CAP_SET) == -1
222 || cap_set_flag(capabilities, CAP_PERMITTED, length, capabilityList, CAP_SET) == -1) {
224 cap_free(capabilities);
229 if (cap_set_proc(capabilities) == -1) {
230 fprintf(stderr, "Failed to set process capabilities: %s.\n", strerror(errno));
231 cap_free(capabilities);
235 cap_free(capabilities);
257 // Drop all capabilities. Again, setuid() normally takes care of this if we had euid 0.
692 // Reduce capabilities to what we need.
693 // Although we still have root euid and we keep root equivalent capabilities,
697 fprintf(stderr, "Could not adjust process capabilities: %s.\n", strerror(errno));