snippetbashTip
setcap — Set capabilities of specified file. See also: `getcap`. More information: <https://manned.org/setcap
Viewed 0 times
commandcapabilitiesclifilesetcapspecifiedsetsee
linux
Problem
How to use the
setcap command: Set capabilities of specified file. See also: getcap. More information: <https://manned.org/setcap>.Solution
setcap — Set capabilities of specified file. See also: getcap. More information: <https://manned.org/setcap>.Set capability
cap_net_raw (to use RAW and PACKET sockets) for a given file:setcap '{{cap_net_raw}}' {{path/to/file}}Set multiple capabilities on a file (
ep behind the capability means "effective permitted"):setcap '{{cap_dac_read_search,cap_sys_tty_config+ep}}' {{path/to/file}}Remove all capabilities from a file:
setcap -r {{path/to/file}}Verify that the specified capabilities are currently associated with the specified file:
setcap -v '{{cap_net_raw}}' {{path/to/file}}The optional
-n root_uid argument can be used to set the file capability for use only in a user namespace with this root user ID owner:setcap -n {{root_uid}} '{{cap_net_admin}}' {{path/to/file}}Code Snippets
Set capability `cap_net_raw` (to use RAW and PACKET sockets) for a given file
setcap '{{cap_net_raw}}' {{path/to/file}}Set multiple capabilities on a file (`ep` behind the capability means "effective permitted")
setcap '{{cap_dac_read_search,cap_sys_tty_config+ep}}' {{path/to/file}}Remove all capabilities from a file
setcap -r {{path/to/file}}Verify that the specified capabilities are currently associated with the specified file
setcap -v '{{cap_net_raw}}' {{path/to/file}}The optional `-n root_uid` argument can be used to set the file capability for use only in a user namespace with this root user ID owner
setcap -n {{root_uid}} '{{cap_net_admin}}' {{path/to/file}}Context
tldr-pages: linux/setcap
Revisions (0)
No revisions yet.