1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
|
/*
* cap.c - POSIX.1e (POSIX.6) capability set manipulation
*
* This file is part of zsh, the Z shell.
*
* Copyright (c) 1997 Andrew Main
* All rights reserved.
*
* Permission is hereby granted, without written agreement and without
* license or royalty fees, to use, copy, modify, and distribute this
* software and to distribute modified versions of this software for any
* purpose, provided that the above copyright notice and the following
* two paragraphs appear in all copies of this software.
*
* In no event shall Andrew Main or the Zsh Development Group be liable
* to any party for direct, indirect, special, incidental, or consequential
* damages arising out of the use of this software and its documentation,
* even if Andrew Main and the Zsh Development Group have been advised of
* the possibility of such damage.
*
* Andrew Main and the Zsh Development Group specifically disclaim any
* warranties, including, but not limited to, the implied warranties of
* merchantability and fitness for a particular purpose. The software
* provided hereunder is on an "as is" basis, and Andrew Main and the
* Zsh Development Group have no obligation to provide maintenance,
* support, updates, enhancements, or modifications.
*
*/
#include "cap.mdh"
#include "cap.pro"
#ifdef HAVE_CAP_GET_PROC
static int
bin_cap(char *nam, char **argv, UNUSED(Options ops), UNUSED(int func))
{
int ret = 0;
cap_t caps;
if(*argv) {
caps = cap_from_text(*argv);
if(!caps) {
zwarnnam(nam, "invalid capability string");
return 1;
}
if(cap_set_proc(caps)) {
zwarnnam(nam, "can't change capabilites: %e", errno);
ret = 1;
}
} else {
char *result = NULL;
ssize_t length;
caps = cap_get_proc();
if(caps)
result = cap_to_text(caps, &length);
if(!caps || !result) {
zwarnnam(nam, "can't get capabilites: %e", errno);
ret = 1;
} else
puts(result);
}
cap_free(caps);
return ret;
}
static int
bin_getcap(char *nam, char **argv, UNUSED(Options ops), UNUSED(int func))
{
int ret = 0;
do {
char *result = NULL;
ssize_t length;
cap_t caps = cap_get_file(*argv);
if(caps)
result = cap_to_text(caps, &length);
if (!caps || !result) {
zwarnnam(nam, "%s: %e", *argv, errno);
ret = 1;
} else
printf("%s %s\n", *argv, result);
cap_free(caps);
} while(*++argv);
return ret;
}
static int
bin_setcap(char *nam, char **argv, UNUSED(Options ops), UNUSED(int func))
{
cap_t caps;
int ret = 0;
caps = cap_from_text(*argv++);
if(!caps) {
zwarnnam(nam, "invalid capability string");
return 1;
}
do {
if(cap_set_file(*argv, caps)) {
zwarnnam(nam, "%s: %e", *argv, errno);
ret = 1;
}
} while(*++argv);
cap_free(caps);
return ret;
}
#else /* !HAVE_CAP_GET_PROC */
# define bin_cap bin_notavail
# define bin_getcap bin_notavail
# define bin_setcap bin_notavail
#endif /* !HAVE_CAP_GET_PROC */
/* module paraphernalia */
static struct builtin bintab[] = {
BUILTIN("cap", 0, bin_cap, 0, 1, 0, NULL, NULL),
BUILTIN("getcap", 0, bin_getcap, 1, -1, 0, NULL, NULL),
BUILTIN("setcap", 0, bin_setcap, 2, -1, 0, NULL, NULL),
};
static struct features module_features = {
bintab, sizeof(bintab)/sizeof(*bintab),
NULL, 0,
NULL, 0,
NULL, 0,
0
};
/**/
int
setup_(UNUSED(Module m))
{
return 0;
}
/**/
int
features_(Module m, char ***features)
{
*features = featuresarray(m, &module_features);
return 0;
}
/**/
int
enables_(Module m, int **enables)
{
return handlefeatures(m, &module_features, enables);
}
/**/
int
boot_(UNUSED(Module m))
{
return 0;
}
/**/
int
cleanup_(Module m)
{
return setfeatureenables(m, &module_features, NULL);
}
/**/
int
finish_(UNUSED(Module m))
{
return 0;
}
|