LIBCAP(3)                  Linux Programmer's Manual                 LIBCAP(3)

       cap_clear,  cap_clear_flag,  cap_compare,  cap_copy_ext,  cap_copy_int, cap_free, cap_from_name, cap_from_text,
       cap_get_fd, cap_get_file, cap_get_flag,  cap_get_pid,  cap_get_proc,  cap_set_fd,  cap_set_file,  cap_set_flag,
       cap_set_proc, cap_size, cap_to_name, cap_to_text, cap_get_pid, cap_dup - capability data object manipulation

       #include <sys/capability.h>

       int cap_clear(cap_t cap_p);

       int cap_clear_flag(cap_t cap_p, cap_flag_t flag);

       int cap_compare(cap_t cap_a, cap_t cap_b);

       ssize_t cap_copy_ext(void *ext_p, cap_t cap_p, ssize_t size);

       cap_t cap_copy_int(const void *ext_p);

       int cap_free(void *obj_d);

       int cap_from_name(const char *name, cap_value_t *cap_p);

       cap_t cap_from_text(const char *buf_p);

       cap_t cap_get_fd(int fd);

       cap_t cap_get_file(const char *path_p);

       int cap_get_flag(cap_t cap_p, cap_value_t cap,
                        cap_flag_t flag, cap_flag_value_t *value_p);

       #include <sys/types.h>
       cap_t cap_get_pid(pid_t pid);

       cap_t cap_get_proc(void);

       int cap_set_fd(int fd, cap_t caps);

       int cap_set_file(const char *path_p, cap_t cap_p);

       int cap_set_flag(cap_t cap_p, cap_flag_t flag, int ncap,
                        const cap_value_t *caps, cap_flag_value_t value);
       int cap_set_proc(cap_t cap_p);

       ssize_t cap_size(cap_t cap_p);

       char *cap_to_name(cap_value_t cap);

       char *cap_to_text(cap_t caps, ssize_t *length_p);

       cap_t cap_dup(cap_t cap_p);

       Link with -lcap.

       These  functions work on a capability state held in working storage.  A cap_t holds information about the capa-
       bilities in each of the three sets, Permitted, Inheritable, and Effective.  Each capability in  a  set  may  be
       clear (disabled, 0) or set (enabled, 1).

       These functions work with the following data types:

       cap_value_t       identifies a capability, such as CAP_CHOWN.

       cap_flag_t        identifies  one  of  the three flags associated with a capability (i.e., it identifies one of
                         the three capability sets).  Valid values for this type are CAP_EFFECTIVE, CAP_INHERITABLE or

       cap_flag_value_t  identifies  the  setting of a particular capability flag (i.e, the value of a capability in a
                         set).  Valid values for this type are CAP_CLEAR(0) or CAP_SET(1).

       The return value is generally specific to the individual function called.  On failure, errno is  set  appropri-

       These  functions  are  as  per  the  withdrawn POSIX.1e draft specification.  The following functions are Linux
       extensions: cap_clear_flag(), cap_compare(), cap_from_name(), cap_to_name(), and cap_compare().

       cap_clear(3),  cap_copy_ext(3),  cap_from_text(3),  cap_get_file(3),  cap_get_proc(3),  cap_init(3),  capabili-
       ties(7), getpid(2)

                                  2008-07-29                         LIBCAP(3)