1 .\" written by Andrew Morgan <morgan@kernel.org>
3 .\" %%%LICENSE_START(GPL_NOVERSION_ONELINE)
4 .\" may be distributed as per GPL
7 .\" Modified by David A. Wheeler <dwheeler@ida.org>
8 .\" Modified 2004-05-27, mtk
9 .\" Modified 2004-06-21, aeb
10 .\" Modified 2008-04-28, morgan of kernel.org
11 .\" Update in line with addition of file capabilities and
12 .\" 64-bit capability sets in kernel 2.6.2[45].
13 .\" Modified 2009-01-26, andi kleen
15 .TH CAPGET 2 2019-03-06 "Linux" "Linux Programmer's Manual"
17 capget, capset \- set/get capabilities of thread(s)
19 .B #include <sys/capability.h>
21 .BI "int capget(cap_user_header_t " hdrp ", cap_user_data_t " datap );
23 .BI "int capset(cap_user_header_t " hdrp ", const cap_user_data_t " datap );
25 These two system calls are the raw kernel interface for getting and
26 setting thread capabilities.
27 Not only are these system calls specific to Linux,
28 but the kernel API is likely to change and use of
29 these system calls (in particular the format of the
31 types) is subject to extension with each kernel revision,
32 but old programs will keep working.
34 The portable interfaces are
38 if possible, you should use those interfaces in applications.
41 Now that you have been warned, some current kernel details.
42 The structures are defined as follows.
46 #define _LINUX_CAPABILITY_VERSION_1 0x19980330
47 #define _LINUX_CAPABILITY_U32S_1 1
49 /* V2 added in Linux 2.6.25; deprecated */
50 #define _LINUX_CAPABILITY_VERSION_2 0x20071026
51 .\" commit e338d263a76af78fe8f38a72131188b58fceb591
52 .\" Added 64 bit capability support
53 #define _LINUX_CAPABILITY_U32S_2 2
55 /* V3 added in Linux 2.6.26 */
56 #define _LINUX_CAPABILITY_VERSION_3 0x20080522
57 .\" commit ca05a99a54db1db5bca72eccb5866d2a86f8517f
58 #define _LINUX_CAPABILITY_U32S_3 2
60 typedef struct __user_cap_header_struct {
65 typedef struct __user_cap_data_struct {
78 fields are bit masks of the capabilities defined in
82 values are bit indexes and need to be bit-shifted before ORing into
84 To define the structures for passing to the system call, you have to use the
85 .I struct __user_cap_header_struct
87 .I struct __user_cap_data_struct
88 names because the typedefs are only pointers.
90 Kernels prior to 2.6.25 prefer
91 32-bit capabilities with version
92 .BR _LINUX_CAPABILITY_VERSION_1 .
93 Linux 2.6.25 added 64-bit capability sets, with version
94 .BR _LINUX_CAPABILITY_VERSION_2 .
95 There was, however, an API glitch, and Linux 2.6.26 added
96 .BR _LINUX_CAPABILITY_VERSION_3
99 Note that 64-bit capabilities use
103 whereas 32-bit capabilities use only
106 On kernels that support file capabilities (VFS capabilities support),
107 these system calls behave slightly differently.
108 This support was added as an option in Linux 2.6.24,
109 and became fixed (nonoptional) in Linux 2.6.33.
113 calls, one can probe the capabilities of any process by specifying its
118 For details on the data, see
119 .BR capabilities (7).
121 .SS With VFS capabilities support
122 VFS capabilities employ a file extended attribute (see
124 to allow capabilities to be attached to executables.
125 This privilege model obsoletes kernel support for one process
126 asynchronously setting the capabilities of another.
127 That is, on kernels that have VFS capabilities support, when calling
129 the only permitted values for
131 are 0 or, equivalently, the value returned by
134 .SS Without VFS capabilities support
135 On older kernels that do not provide VFS capabilities support
137 can, if the caller has the
139 capability, be used to change not only the caller's own capabilities,
140 but also the capabilities of other threads.
141 The call operates on the capabilities of the thread specified by the
145 when that is nonzero, or on the capabilities of the calling thread if
150 refers to a single-threaded process, then
152 can be specified as a traditional process ID;
153 operating on a thread of a multithreaded process requires a thread ID
154 of the type returned by
159 can also be: \-1, meaning perform the change on all threads except the
162 or a value less than \-1, in which case the change is applied
163 to all members of the process group whose ID is \-\fIpid\fP.
165 On success, zero is returned.
166 On error, \-1 is returned, and
168 is set appropriately.
170 The calls fail with the error
176 to the kernel preferred value of
177 .B _LINUX_CAPABILITY_VERSION_?
181 In this way, one can probe what the current
182 preferred capability revision is.
190 may be NULL only when the user is trying to determine the preferred
191 capability version format supported by the kernel.
194 One of the arguments was invalid.
197 An attempt was made to add a capability to the Permitted set, or to set
198 a capability in the Effective or Inheritable sets that is not in the
202 The caller attempted to use
204 to modify the capabilities of a thread other than itself,
205 but lacked sufficient privilege.
206 For kernels supporting VFS
207 capabilities, this is never permitted.
208 For kernels lacking VFS
211 capability is required.
212 (A bug in kernels before 2.6.11 meant that this error could also
213 occur if a thread without this capability tried to change its
214 own capabilities by specifying the
216 field as a nonzero value (i.e., the value returned by
223 These system calls are Linux-specific.
225 The portable interface to the capability querying and setting
226 functions is provided by the
228 library and is available here:
230 .UR http://git.kernel.org/cgit\:/linux\:/kernel\:/git\:/morgan\:\:/libcap.git