linux-from-scratch/glfs
1
0
Fork 0
mirror of https://github.com/Zeckmathederg/glfs.git synced 2025-02-01 04:52:12 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity
bff36841b1
glfs/postlfs/security/libcap.xml
Igor Živković bff36841b1 libcap file mode fix 
git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@12174 af4574ff-66df-0310-9fd7-8a98e5e911e0
2013-11-09 14:52:59 +00:00

182 lines
5.8 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
<!ENTITY % general-entities SYSTEM "../../general.ent">
%general-entities;
<!-- Change to kernel.org when it gets back there. -->
<!ENTITY libcap-download-http "http://ftp.de.debian.org/debian/pool/main/libc/libcap2/libcap2_&libcap-version;.orig.tar.gz">
<!ENTITY libcap-download-ftp "ftp://ftp.de.debian.org/debian/pool/main/libc/libcap2/libcap2_&libcap-version;.orig.tar.gz">
<!ENTITY libcap-md5sum "b4896816b626bea445f0b3849bdd4077">
<!ENTITY libcap-size "72 KB">
<!ENTITY libcap-buildsize "1.3 MB">
<!ENTITY libcap-time "less than 0.1 SBU">
]>
<sect1 id="libcap" xreflabel="libcap-&libcap-version;">
<?dbhtml filename="libcap.html"?>
<sect1info>
<othername>$LastChangedBy$</othername>
<date>$Date$</date>
</sect1info>
<title>libcap-&libcap-version;</title>
<indexterm zone="libcap">
<primary sortas="a-libcap">libcap</primary>
</indexterm>
<sect2 role="package">
<title>Introduction to libcap</title>
<para>The <application>libcap</application> package implements the
user-space interfaces to the POSIX 1003.1e capabilities available in Linux
kernels. These capabilities are a partitioning of the all powerful root
privilege into a set of distinct privileges. </para>
&lfs74_checked;
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing="compact">
<listitem>
<para>Download (HTTP): <ulink url="&libcap-download-http;"/></para>
</listitem>
<listitem>
<para>Download (FTP): <ulink url="&libcap-download-ftp;"/></para>
</listitem>
<listitem>
<para>Download MD5 sum: &libcap-md5sum;</para>
</listitem>
<listitem>
<para>Download size: &libcap-size;</para>
</listitem>
<listitem>
<para>Estimated disk space required: &libcap-buildsize;</para>
</listitem>
<listitem>
<para>Estimated build time: &libcap-time;</para>
</listitem>
</itemizedlist>
<bridgehead renderas="sect3">libcap Dependencies</bridgehead>
<bridgehead renderas="sect4">Required</bridgehead>
<para role="required"><xref linkend="attr"/></para>
<bridgehead renderas="sect4">Optional</bridgehead>
<para role="optional"><xref linkend="linux-pam"/></para>
<para condition="html" role="usernotes">User Notes:
<ulink url="&blfs-wiki;/libcap"/></para>
</sect2>
<sect2 role="installation">
<title>Installation of libcap</title>
<para>Install <application>libcap</application> by running the following
commands:</para>
<screen><userinput>make</userinput></screen>
<para>This package does not come with a test suite.</para>
<para>
If you want to disable installing the static library, use this sed:
</para>
<screen><userinput>sed -i '/install.*STALIBNAME/ s/^/#/' libcap/Makefile</userinput></screen>
<para>Now, as the <systemitem class="username">root</systemitem> user:</para>
<screen role="root"><userinput>make RAISE_SETFCAP=no install &amp;&amp;
chmod -v 755 /lib/libcap.so</userinput></screen>
</sect2>
<sect2 role="commands">
<title>Command Explanations</title>
<para><parameter>RAISE_SETFCAP=no</parameter>: This parameter skips trying
to use <application>setcap</application> on itself. This avoids an installation
error if the kernel or file system do not support extended capabilities.</para>
</sect2>
<sect2 role="content">
<title>Contents</title>
<segmentedlist>
<segtitle>Installed Programs</segtitle>
<segtitle>Installed Library</segtitle>
<segtitle>Installed Directories</segtitle>
<seglistitem>
<seg>capsh, getcap, getpcaps, and setcap</seg>
<seg>libcap.{so,a}</seg>
<seg>None</seg>
</seglistitem>
</segmentedlist>
<variablelist>
<bridgehead renderas="sect3">Short Descriptions</bridgehead>
<?dbfo list-presentation="list"?>
<?dbhtml list-presentation="table"?>
<varlistentry id="capsh">
<term><command>capsh</command></term>
<listitem>
<para>is a shell wrapper to explore and constrain capability support.</para>
<indexterm zone="libcap capsh">
<primary sortas="b-capsh">capsh</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="getcap">
<term><command>getcap</command></term>
<listitem>
<para>examines file capabilities.</para>
<indexterm zone="libcap getcap">
<primary sortas="b-getcap">getcap</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="getpcaps">
<term><command>getpcaps</command></term>
<listitem>
<para>displays the capabilities on the queried process(es).</para>
<indexterm zone="libcap getpcaps">
<primary sortas="b-getpcaps">getpcaps</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="setcap">
<term><command>setcap</command></term>
<listitem>
<para>sets file file capabilities.</para>
<indexterm zone="libcap setcap">
<primary sortas="b-setcap">setcap</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="libcap-lib">
<term><filename class='libraryfile'>libcap.{so,a}</filename></term>
<listitem>
<para>contains the <application>libcap</application> API functions.</para>
<indexterm zone="libcap libcap-lib">
<primary sortas="c-libcap">libcap.{so,a}</primary>
</indexterm>
</listitem>
</varlistentry>
</variablelist>
</sect2>
</sect1>
Reference in New Issue View Git Blame Copy Permalink