Crate caps[−][src]
A pure-Rust library to work with Linux capabilities.
It provides support for manipulating capabilities available on modern Linux kernels. It supports traditional POSIX sets (Effective, Inheritable, Permitted) as well as Linux-specific Ambient and Bounding capabilities sets.
type ExResult<T> = Result<T, Box<dyn std::error::Error + 'static>>; fn manipulate_caps() -> ExResult<()> { use caps::{Capability, CapSet}; if caps::has_cap(None, CapSet::Permitted, Capability::CAP_SYS_NICE)? { caps::drop(None, CapSet::Effective, Capability::CAP_SYS_NICE)?; let effective = caps::read(None, CapSet::Effective)?; assert_eq!(effective.contains(&Capability::CAP_SYS_NICE), false); caps::clear(None, CapSet::Effective)?; let cleared = caps::read(None, CapSet::Effective)?; assert_eq!(cleared.is_empty(), true); }; Ok(()) }
Modules
| errors | Error handling. |
| runtime | Detect kernel features at runtime. |
| securebits | Manipulate securebits flags |
Enums
| CapSet | Linux capabilities sets. |
| Capability | Linux capabilities. |
Functions
| all | Return the set of all capabilities supported by this library. |
| clear | Clear all capabilities in a set for a thread. |
| drop | Drop a single capability from a set for a thread. |
| has_cap | Check if a thread contains a capability in a set. |
| raise | Raise a single capability in a set for a thread. |
| read | Return all capabilities in a set for a thread. |
| set | Set a capability set for a thread to a new value. |
| to_canonical | Convert an informal capability name into a canonical form. |
Type Definitions
| CapsHashSet | An |