Home | History | Annotate | Download | only in src 
      1 /* libcap-ng.h --
      2  * Copyright 2009 Red Hat Inc., Durham, North Carolina.
      3  * All Rights Reserved.
      4  *
      5  * This library is free software; you can redistribute it and/or
      6  * modify it under the terms of the GNU Lesser General Public
      7  * License as published by the Free Software Foundation; either
      8  * version 2.1 of the License, or (at your option) any later version.
      9  *
     10  * This library is distributed in the hope that it will be useful,
     11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
     12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
     13  * Lesser General Public License for more details.
     14  *
     15  * You should have received a copy of the GNU Lesser General Public
     16  * License along with this library; if not, write to the Free Software
     17  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
     18  *
     19  * Authors:
     20  *      Steve Grubb <sgrubb (at) redhat.com>
     21  */
     22 
     23 #ifndef LIBCAP_NG_HEADER
     24 #define LIBCAP_NG_HEADER
     25 
     26 #include <stdint.h>
     27 #include <linux/capability.h>
     28 #include <unistd.h>
     29 
     30 #ifdef __cplusplus
     31 extern "C" {
     32 #endif
     33 
     34 #ifndef CAP_LAST_CAP
     35 #define CAP_LAST_CAP CAP_AUDIT_CONTROL
     36 #endif
     37 
     38 typedef enum {  CAPNG_DROP, CAPNG_ADD } capng_act_t;
     39 typedef enum {  CAPNG_EFFECTIVE=1, CAPNG_PERMITTED=2,
     40 		CAPNG_INHERITABLE=4, CAPNG_BOUNDING_SET=8 } capng_type_t;
     41 typedef enum {  CAPNG_SELECT_CAPS = 16, CAPNG_SELECT_BOUNDS = 32,
     42 		CAPNG_SELECT_BOTH = 48 } capng_select_t;
     43 typedef enum {	CAPNG_FAIL=-1, CAPNG_NONE, CAPNG_PARTIAL,
     44 		CAPNG_FULL } capng_results_t;
     45 typedef enum {  CAPNG_PRINT_STDOUT, CAPNG_PRINT_BUFFER } capng_print_t;
     46 typedef enum {  CAPNG_NO_FLAG=0, CAPNG_DROP_SUPP_GRP=1,
     47 			CAPNG_CLEAR_BOUNDING=2 } capng_flags_t;
     48 
     49 
     50 // These functions manipulate process capabilities
     51 void capng_clear(capng_select_t set);
     52 void capng_fill(capng_select_t set);
     53 void capng_setpid(int pid);
     54 int capng_get_caps_process(void);
     55 int capng_update(capng_act_t action, capng_type_t type,unsigned int capability);
     56 int capng_updatev(capng_act_t action, capng_type_t type,
     57 		unsigned int capability, ...);
     58 
     59 // These functions apply the capabilities previously setup to a process
     60 int capng_apply(capng_select_t set);
     61 int capng_lock(void);
     62 int capng_change_id(int uid, int gid, capng_flags_t flag);
     63 
     64 // These functions are used for file based capabilities
     65 int capng_get_caps_fd(int fd);
     66 int capng_apply_caps_fd(int fd);
     67 
     68 // These functions check capability bits
     69 capng_results_t capng_have_capabilities(capng_select_t set);
     70 int capng_have_capability(capng_type_t which, unsigned int capability);
     71 
     72 // These functions printout capabilities
     73 char *capng_print_caps_numeric(capng_print_t where, capng_select_t set);
     74 char *capng_print_caps_text(capng_print_t where, capng_type_t which);
     75 
     76 // These functions convert between numeric and text string
     77 int capng_name_to_capability(const char *name);
     78 const char *capng_capability_to_name(unsigned int capability);
     79 
     80 // These function should be used when you suspect a third party library
     81 // may use libcap-ng also and want to make sure it doesn't alter something
     82 // important. Otherwise you shouldn't need to call these.
     83 void *capng_save_state(void);
     84 void capng_restore_state(void **state);
     85 
     86 #ifdef __cplusplus
     87 }
     88 #endif
     89 
     90 
     91 #endif
     92