Home Explore Help
Register Sign In
OWEALs
/
procd
mirror of https://git.openwrt.org/project/procd.git
2
0
Fork 0
Files Issues 0 Wiki
Branch: master
Branches Tags
procd
/
jail
/
capabilities.h

capabilities.h 1.2 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536 
  1. /*
    2. 

  2.  * Copyright (C) 2015 Etienne CHAMPETIER <champetier.etienne@gmail.com>
    3. 

  3.  *
    4. 

  4.  * This program is free software; you can redistribute it and/or modify
    5. 

  5.  * it under the terms of the GNU Lesser General Public License version 2.1
    6. 

  6.  * as published by the Free Software Foundation
    7. 

  7.  *
    8. 

  8.  * This program is distributed in the hope that it will be useful,
    9. 

  9.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    10. 

  10.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    11. 

  11.  * GNU General Public License for more details.
    12. 

  12.  */
    13. 

  13. #ifndef _JAIL_CAPABILITIES_H_
    14. 

  14. #define _JAIL_CAPABILITIES_H_
    15. 

  15. 

  16. #include <libubox/blobmsg.h>
    17. 

  17. #include <linux/capability.h>
    18. 

  18. 

  19. struct jail_capset {
    20. 

  20. 	uint64_t bounding;
    21. 

  21. 	uint64_t effective;
    22. 

  22. 	uint64_t inheritable;
    23. 

  23. 	uint64_t permitted;
    24. 

  24. 	uint64_t ambient;
    25. 

  25. 	uint8_t apply;
    26. 

  26. };
    27. 

  27. 

  28. int parseOCIcapabilities(struct jail_capset *capset, struct blob_attr *msg);
    29. 

  29. int parseOCIcapabilities_from_file(struct jail_capset *capset, const char *file);
    30. 

  30. int applyOCIcapabilities(struct jail_capset capset, uint64_t retain);
    31. 

  31. 

  32. /* capget/capset syscall wrappers are provided by libc */
    33. 

  33. extern int capget(cap_user_header_t header, cap_user_data_t data);
    34. 

  34. extern int capset(cap_user_header_t header, const cap_user_data_t data);
    35. 

  35. 

  36. #endif
    37.