chcap - IRIX

· Home

+ man pages

-> Linux

-> FreeBSD

-> OpenBSD

-> NetBSD

-> Tru64 Unix

-> HP-UX 11i

-> IRIX

· Linux HOWTOs

· FreeBSD Tips

· *niX Forums

man pages->IRIX man pages -> chcap (1)

NAME
SYNOPSIS
DESCRIPTION
EXAMPLES
SEE ALSO


CHCAP(1)							      CHCAP(1)

NAME [Toc] [Back]

     chcap - change file capability sets

SYNOPSIS [Toc] [Back]

     chcap [ capsets | -r ] pathname ...

DESCRIPTION [Toc] [Back]

     chcap changes the effective, permitted, and inheritable capability	sets
     of	the specified file(s) or removes them.	A file's capability sets
     affect the	capabilities that are assigned to a process upon execution of
     the file.	For a more complete description	of the capability mechanism,
     see capabilities(4).

     capsets is	a string that describes	the changes to the file	capability
     sets.  It is comprised of one or more capability lists.  Each capability
     list has the form:

			      capname[,capname...]OF

     where capname is a	capability name	(e.g., CAP_DAC_READ, CAP_DAC_WRITE,
     CAP_CHOWN,	etc.).	The capability name ALL	indicates all capabilities.
     Capability	names may be expressed in either upper or lower	case.  For a
     complete description of available capability names, see capabilities(4).

     F is a sequence of	one or more flags chosen from "e", "i",	"p" indicating
     which file	capability sets	are to be affected.  "e" indicates the
     effective capability set, "p" the permitted capability set, and "i" the
     inherited capability set.

     O is the operation	chosen from "=","+","-", indicating to initialize,
     add, or delete the	specified capabilities in the affected capability
     sets.

     If	multiple capability lists are specified	in capsets, each capability
     list must be separated by white space, and	the entire capsets string must
     be	escaped	from shell interpretation (i.e.	enclosed in quotes).

     Specifying	all= as	a prefix within	the capsets string clears all current
     capability	sets prior to processing the remainder of the string.

     The capability sets of a file can be displayed using the ls(1) -P option.

     The -r option is used to entirely remove all capability sets on the
     specified files.

EXAMPLES [Toc] [Back]

     chcap CAP_DAC_WRITE-p file
     Removes CAP_DAC_WRITE from	the file's permitted capability	set.

     chcap CAP_DAC_WRITE=p file
     Initializes the file's permitted capability set to	contain	only
     CAP_DAC_WRITE.



									Page 1






CHCAP(1)							      CHCAP(1)



     chcap "all= CAP_DAC_WRITE=p" file
     Clears all	of the file's capability sets, and initializes the file's
     permitted capability set to contain only CAP_DAC_WRITE.

     chcap CAP_CHOWN+p file
     Adds CAP_CHOWN to the file's permitted capability set.

     chcap "CAP_DAC_READ+pi CAP_DAC_WRITE+p" file
     Adds CAP_DAC_READ and CAP_DAC_WRITE to file's the permitted capability
     set, and adds CAP_DAC_READ	to the file's inherited	capability set.

     chcap -r file
     Removes the capability sets on the	file.

SEE ALSO [Toc] [Back]

     capabilities(4), capability(4), ls(1).


									PPPPaaaaggggeeee 2222

[ Back ]

Similar pages

Name	OS	Title
sgi_getcapabilitybyname	IRIX	get the default and allowed capability sets for a named user
chattr	Linux	change file attributes on a Linux second extended file system
SSL_CTX_set_def_verify_paths	Tru64	Sets default file path and file name of trusted CA certificate
cap_get_flag	IRIX	get or set the value of a capability flag in a capability
acl_set_fd	Tru64	Sets the ACL on the file or directory designated by the file descriptor
pxfchmod	IRIX	Sets file modes for a named file
rename	NetBSD	change the name of a file
rename	OpenBSD	change the name of a file
rename	HP-UX	change the name of a file
rename	FreeBSD	change the name of a file

newsletter delivery service

Contents

NAME [Toc] [Back]

SYNOPSIS [Toc] [Back]

DESCRIPTION [Toc] [Back]

EXAMPLES [Toc] [Back]

SEE ALSO [Toc] [Back]