diff options
| author | Alejandro Colomar <alx@kernel.org> | 2024-05-26 15:10:13 +0200 |
|---|---|---|
| committer | Alejandro Colomar <alx@kernel.org> | 2024-05-30 15:31:14 +0200 |
| commit | 4dde5e5bc8fc4f6c50b939ec25cfab737800bf73 (patch) | |
| tree | 5870ee6b6fe1bf4bf63ee4b7f475d6c9cc071872 | |
| parent | b0d95a880d16b1f684b7a03cee25b5700781c703 (diff) | |
| download | man-pages-4dde5e5bc8fc4f6c50b939ec25cfab737800bf73.tar.gz | |
prctl.2, PR_CAPBSET_READ.2const: Split PR_CAPBSET_READ from prctl(2)
Signed-off-by: Alejandro Colomar <alx@kernel.org>
| -rw-r--r-- | man/man2/prctl.2 | 29 | ||||
| -rw-r--r-- | man/man2const/PR_CAPBSET_READ.2const | 64 |
2 files changed, 68 insertions, 25 deletions
diff --git a/man/man2/prctl.2 b/man/man2/prctl.2 index ff0fa830f5..be46d221e7 100644 --- a/man/man2/prctl.2 +++ b/man/man2/prctl.2 @@ -19,7 +19,7 @@ .\" Added PR_SET_TIMING, PR_GET_TIMING, PR_SET_NAME, PR_GET_NAME, .\" PR_SET_UNALIGN, PR_GET_UNALIGN, PR_SET_FPEMU, PR_GET_FPEMU, .\" PR_SET_FPEXC, PR_GET_FPEXC -.\" 2008-04-29 Serge Hallyn, Document PR_CAPBSET_READ and PR_CAPBSET_DROP +.\" 2008-04-29 Serge Hallyn, Document PR_CAPBSET_DROP .\" 2008-06-13 Erik Bosman, <ejbosman@cs.vu.nl> .\" Document PR_GET_TSC and PR_SET_TSC. .\" 2008-06-15 mtk, Document PR_SET_SECCOMP, PR_GET_SECCOMP @@ -66,29 +66,8 @@ The first argument can be: .\" .TP .B PR_CAP_AMBIENT -.\" prctl PR_CAPBSET_READ -.TP -.BR PR_CAPBSET_READ " (since Linux 2.6.25)" -Return (as the function result) 1 if the capability specified in -.I arg2 -is in the calling thread's capability bounding set, -or 0 if it is not. -(The capability constants are defined in -.IR <linux/capability.h> .) -The capability bounding set dictates -whether the process can receive the capability through a -file's permitted capability set on a subsequent call to -.BR execve (2). -.IP -If the capability specified in -.I arg2 -is not valid, then the call fails with the error -.BR EINVAL . -.IP -A higher-level interface layered on top of this operation is provided in the -.BR libcap (3) -library in the form of -.BR cap_get_bound (3). +.TQ +.B PR_CAPBSET_READ .\" prctl PR_CAPBSET_DROP .TP .BR PR_CAPBSET_DROP " (since Linux 2.6.25)" @@ -2021,7 +2000,6 @@ of the calling process. for information on the protection mask bits.) .SH RETURN VALUE On success, -.BR PR_CAPBSET_READ , .BR PR_GET_DUMPABLE , .BR PR_GET_FP_MODE , .BR PR_GET_IO_FLUSHER , @@ -2410,4 +2388,5 @@ glibc 2.0.6 .SH SEE ALSO .BR signal (2), .BR PR_CAP_AMBIENT (2const), +.BR PR_CAPBSET_READ (2const), .BR core (5) diff --git a/man/man2const/PR_CAPBSET_READ.2const b/man/man2const/PR_CAPBSET_READ.2const new file mode 100644 index 0000000000..0f069da720 --- /dev/null +++ b/man/man2const/PR_CAPBSET_READ.2const @@ -0,0 +1,64 @@ +.\" Copyright 2008, Serge Hallyn <serge@hallyn.com> +.\" Copyright 2008, 2012, 2013, 2015, Michael Kerrisk <mtk.manpages@gmail.com> +.\" +.\" SPDX-License-Identifier: Linux-man-pages-copyleft +.\" +.\" 2008-04-29 Serge Hallyn, Document PR_CAPBSET_READ +.\" +.TH PR_CAPBSET_READ 2const (date) "Linux man-pages (unreleased)" +.SH NAME +PR_CAPBSET_READ +\- +read the calling thread's capability bounding set +.SH LIBRARY +Standard C library +.RI ( libc ", " \-lc ) +.SH SYNOPSIS +.nf +.B #include <sys/prctl.h> +.P +.BI "int prctl(int " op ", ..." +.BI " \fR/*\fP unsigned long " arg2 ", unsigned long " arg3 , +.BI " unsigned long " arg4 ", unsigned long " arg5 " \fR*/\fP );" +.fi +.SH DESCRIPTION +.TP +.BR PR_CAPBSET_READ " (since Linux 2.6.25)" +Return (as the function result) 1 if the capability specified in +.I arg2 +is in the calling thread's capability bounding set, +or 0 if it is not. +(The capability constants are defined in +.IR <linux/capability.h> .) +The capability bounding set dictates +whether the process can receive the capability through a +file's permitted capability set on a subsequent call to +.BR execve (2). +.IP +If the capability specified in +.I arg2 +is not valid, then the call fails with the error +.BR EINVAL . +.IP +A higher-level interface layered on top of this operation is provided in the +.BR libcap (3) +library in the form of +.BR cap_get_bound (3). +.SH RETURN VALUE +On success, +.BR PR_CAPBSET_READ , +return the nonnegative values described above. +On error, \-1 is returned, and +.I errno +is set to indicate the error. +.SH ERRORS +.TP +.B EINVAL +.I arg2 +is not valid value for this +.IR op . +.SH STANDARDS +Linux. +.SH HISTORY +.SH SEE ALSO +.BR prctl (2) |