From 0237fb69ec7c3bf77c6280a005238fc8d0ba7607 Mon Sep 17 00:00:00 2001
From: Igmar Palsenberg
Date: Mon, 27 Aug 2012 13:47:51 +0200
Subject: [PATCH]] Properly implement capset and capget syscalls Define CAP_* defines Define kernel ABI structs
Signed-off-by: Igmar Palsenberg
---
 include/sys/capability.h | 74 ++++++++++++++++++++++++++++++++++++++++++++++
 src/linux/cap.c | 5 ++-
 2 files changed, 77 insertions(+), 2 deletions(-)
 create mode 100644 include/sys/capability.h
diff --git a/include/sys/capability.h b/include/sys/capability.h
new file mode 100644
index 0000000..68bb4fc
--- /dev/null
+++ b/include/sys/capability.h
@@ -0,0 +1,74 @@
+#ifndef _SYS_CAPABILITY_H
+#define _SYS_CAPABILITY_H
+
+#include
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define _LINUX_CAPABILITY_VERSION_1 0x19980330
+#define _LINUX_CAPABILITY_VERSION_2 0x20071026
+#define _LINUX_CAPABILITY_VERSION_3 0x20080522
+
+/* POSIX defined capabilities */
+#define CAP_CHOWN 0
+#define CAP_DAC_OVERRIDE 1
+#define CAP_DAC_READ_SEARCH 2
+#define CAP_FOWNER 3
+#define CAP_FSETID 4
+#define CAP_KILL 5
+#define CAP_SETGID 6
+#define CAP_SETUID 7
+
+/* Linux specific */
+#define CAP_SETPCAP 8
+#define CAP_LINUX_IMMUTABLE 9
+#define CAP_NET_BIND_SERVICE 10
+#define CAP_NET_BROADCAST 11
+#define CAP_NET_ADMIN 12
+#define CAP_NET_RAW 13
+#define CAP_IPC_LOCK 14
+#define CAP_IPC_OWNER 15
+#define CAP_SYS_MODULE 16
+#define CAP_SYS_RAWIO 17
+#define CAP_SYS_CHROOT 18
+#define CAP_SYS_PTRACE 19
+#define CAP_SYS_PACCT 20
+#define CAP_SYS_ADMIN 21
+#define CAP_SYS_BOOT 22
+#define CAP_SYS_NICE 23
+#define CAP_SYS_RESOURCE 24
+#define CAP_SYS_TIME 25
+#define CAP_SYS_TTY_CONFIG 26
+#define CAP_MKNOD 27
+#define CAP_LEASE 28
+#define CAP_AUDIT_WRITE 29
+#define CAP_AUDIT_CONTROL 30
+#define CAP_SETFCAP 31
+#define CAP_MAC_OVERRIDE 32
+#define CAP_MAC_ADMIN 33
+
+typedef struct _user_cap_header_struct * cap_user_header_t;
+typedef struct _user_cap_data_struct * cap_user_data_t;
+
+struct _user_cap_header_struct {
+ uint32_t version;
+ int pid;
+};
+
+struct _user_cap_data_struct {
+ uint32_t effective;
+ uint32_t permitted;
+ uint32_t inheritable;
+};
+
+
+int capget(cap_user_header_t, cap_user_data_t);
+int capset(cap_user_header_t, cap_user_data_t);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/src/linux/cap.c b/src/linux/cap.c
index 8d035e0..b88e530 100644
--- a/src/linux/cap.c
+++ b/src/linux/cap.c
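Review bot: In include/sys/capability.h, `struct _user_cap_data_struct` holds one 32-bit word per capability set, yet the header also defines `_LINUX_CAPABILITY_VERSION_2`/`_3` and capability numbers 32 and 33 (`CAP_MAC_OVERRIDE`, `CAP_MAC_ADMIN`), which only fit in a second word. With a version 2 or 3 header the kernel reads and writes two consecutive data structs, so a caller that follows these declarations and passes the address of a single struct to `capget()` gets 12 bytes written past it, and `capset()` takes whatever lies after it as the upper capability bits. The header should carry the per-version element counts and the index/mask helpers that the kernel's own header provides, and state in a comment that the data argument is an array. The wrappers in src/linux/cap.c hand the pointer to the kernel unchanged, so nothing else catches an undersized buffer.

```c
/* Number of struct _user_cap_data_struct elements the kernel reads and
 * writes for each header version; the data argument of capget()/capset()
 * must point to an array of at least this many. */
#define _LINUX_CAPABILITY_U32S_1 1
#define _LINUX_CAPABILITY_U32S_2 2
#define _LINUX_CAPABILITY_U32S_3 2

/* Array element, and bit within that element, for capability number x. */
#define CAP_TO_INDEX(x) ((x) >> 5)
#define CAP_TO_MASK(x) (1U << ((x) & 31))
```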
@@ -1,11 +1,12 @@
 #include "syscall.h"
+#include
 
-int capset(void *a, void *b)
+int capset(cap_user_header_t a, cap_user_data_t b)
 {
 return syscall(SYS_capset, a, b);
 }
 
-int capget(void *a, void *b)
+int capget(cap_user_header_t a, cap_user_data_t b)
 {
 return syscall(SYS_capget, a, b);
 }
-- 
1.7.1