1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428
|
package cap
/* ** DO NOT EDIT THIS FILE. IT WAS AUTO-GENERATED BY LIBCAP'S GO BUILDER (mknames.go) ** */
// NamedCount holds the number of capability values with official
// names known at the time this libcap/cap version, was released. The
// "../libcap/cap" package is fully able to manipulate higher numbered
// capability values by numerical value. However, if you find
// cap.NamedCount < cap.MaxBits(), it is probably time to upgrade this
// package on your system.
//
// FWIW the userspace tool '/sbin/capsh' also contains a runtime check
// for the condition that libcap is behind the running kernel in this
// way.
const NamedCount = 41
// CHOWN etc., are the named capability values of the Linux
// kernel. The canonical source for each name is the
// "uapi/linux/capabilities.h" file. Some values may not be available
// (yet) where the kernel is older. The actual number of capabities
// supported by the running kernel can be obtained using the
// cap.MaxBits() function.
const (
// CHOWN allows a process to arbitrarily change the user and
// group ownership of a file.
CHOWN Value = iota
// DAC_OVERRIDE allows a process to override of all Discretionary
// Access Control (DAC) access, including ACL execute
// access. That is read, write or execute files that the
// process would otherwise not have access to. This
// excludes DAC access covered by cap.LINUX_IMMUTABLE.
DAC_OVERRIDE
// DAC_READ_SEARCH allows a process to override all DAC restrictions
// limiting the read and search of files and
// directories. This excludes DAC access covered by
// cap.LINUX_IMMUTABLE.
DAC_READ_SEARCH
// FOWNER allows a process to perform operations on files, even
// where file owner ID should otherwise need be equal to
// the UID, except where cap.FSETID is applicable. It
// doesn't override MAC and DAC restrictions.
FOWNER
// FSETID allows a process to set the S_ISUID and S_ISUID bits of
// the file permissions, even when the process' effective
// UID or GID/supplementary GIDs do not match that of the
// file.
FSETID
// KILL allows a process to sent a kill(2) signal to any other
// process - overriding the limitation that there be a
// [E]UID match between source and target process.
KILL
// SETGID allows a process to freely manipulate its own GIDs:
// - arbitrarily set the GID, EGID, REGID, RESGID values
// - arbitrarily set the supplementary GIDs
// - allows the forging of GID credentials passed over a
// socket
SETGID
// SETUID allows a process to freely manipulate its own UIDs:
// - arbitraily set the UID, EUID, REUID and RESUID
// values
// - allows the forging of UID credentials passed over a
// socket
SETUID
// SETPCAP allows a process to freely manipulate its inheritable
// capabilities. Linux supports the POSIX.1e Inheritable
// set, as well as Bounding and Ambient Linux extension
// vectors. This capability permits dropping bits from the
// Bounding vector. It also permits the process to raise
// Ambient vector bits that are both raised in the
// Permitted and Inheritable sets of the process. This
// capability cannot be used to raise Permitted bits, or
// Effective bits beyond those already present in the
// process' permitted set.
//
// [Historical note: prior to the advent of file
// capabilities (2008), this capability was suppressed by
// default, as its unsuppressed behavior was not
// auditable: it could asynchronously grant its own
// Permitted capabilities to and remove capabilities from
// other processes arbitraily. The former leads to
// undefined behavior, and the latter is better served by
// the kill system call.]
SETPCAP
// LINUX_IMMUTABLE allows a process to modify the S_IMMUTABLE and
// S_APPEND file attributes.
LINUX_IMMUTABLE
// NET_BIND_SERVICE allows a process to bind to privileged ports:
// - TCP/UDP sockets below 1024
// - ATM VCIs below 32
NET_BIND_SERVICE
// NET_BROADCAST allows a process to broadcast to the network and to
// listen to multicast.
NET_BROADCAST
// NET_ADMIN allows a process to perform network configuration
// operations:
// - interface configuration
// - administration of IP firewall, masquerading and
// accounting
// - setting debug options on sockets
// - modification of routing tables
// - setting arbitrary process, and process group
// ownership on sockets
// - binding to any address for transparent proxying
// (this is also allowed via cap.NET_RAW)
// - setting TOS (Type of service)
// - setting promiscuous mode
// - clearing driver statistics
// - multicasing
// - read/write of device-specific registers
// - activation of ATM control sockets
NET_ADMIN
// NET_RAW allows a process to use raw networking:
// - RAW sockets
// - PACKET sockets
// - binding to any address for transparent proxying
// (also permitted via cap.NET_ADMIN)
NET_RAW
// IPC_LOCK allows a process to lock shared memory segments for IPC
// purposes. Also enables mlock and mlockall system
// calls.
IPC_LOCK
// IPC_OWNER allows a process to override IPC ownership checks.
IPC_OWNER
// SYS_MODULE allows a process to initiate the loading and unloading
// of kernel modules. This capability can effectively
// modify kernel without limit.
SYS_MODULE
// SYS_RAWIO allows a process to perform raw IO:
// - permit ioper/iopl access
// - permit sending USB messages to any device via
// /dev/bus/usb
SYS_RAWIO
// SYS_CHROOT allows a process to perform a chroot syscall to change
// the effective root of the process' file system:
// redirect to directory "/" to some other location.
SYS_CHROOT
// SYS_PTRACE allows a process to perform a ptrace() of any other
// process.
SYS_PTRACE
// SYS_PACCT allows a process to configure process accounting.
SYS_PACCT
// SYS_ADMIN allows a process to perform a somewhat arbitrary
// grab-bag of privileged operations. Over time, this
// capability should weaken as specific capabilities are
// created for subsets of cap.SYS_ADMINs functionality:
// - configuration of the secure attention key
// - administration of the random device
// - examination and configuration of disk quotas
// - setting the domainname
// - setting the hostname
// - calling bdflush()
// - mount() and umount(), setting up new SMB connection
// - some autofs root ioctls
// - nfsservctl
// - VM86_REQUEST_IRQ
// - to read/write pci config on alpha
// - irix_prctl on mips (setstacksize)
// - flushing all cache on m68k (sys_cacheflush)
// - removing semaphores
// - Used instead of cap.CHOWN to "chown" IPC message
// queues, semaphores and shared memory
// - locking/unlocking of shared memory segment
// - turning swap on/off
// - forged pids on socket credentials passing
// - setting readahead and flushing buffers on block
// devices
// - setting geometry in floppy driver
// - turning DMA on/off in xd driver
// - administration of md devices (mostly the above, but
// some extra ioctls)
// - tuning the ide driver
// - access to the nvram device
// - administration of apm_bios, serial and bttv (TV)
// device
// - manufacturer commands in isdn CAPI support driver
// - reading non-standardized portions of PCI
// configuration space
// - DDI debug ioctl on sbpcd driver
// - setting up serial ports
// - sending raw qic-117 commands
// - enabling/disabling tagged queuing on SCSI
// controllers and sending arbitrary SCSI commands
// - setting encryption key on loopback filesystem
// - setting zone reclaim policy
SYS_ADMIN
// SYS_BOOT allows a process to initiate a reboot of the system.
SYS_BOOT
// SYS_NICE allows a process to maipulate the execution priorities
// of arbitrary processes:
// - those involving different UIDs
// - setting their CPU affinity
// - alter the FIFO vs. round-robin (realtime)
// scheduling for itself and other processes.
SYS_NICE
// SYS_RESOURCE allows a process to adjust resource related parameters
// of processes and the system:
// - set and override resource limits
// - override quota limits
// - override the reserved space on ext2 filesystem
// (this can also be achieved via cap.FSETID)
// - modify the data journaling mode on ext3 filesystem,
// which uses journaling resources
// - override size restrictions on IPC message queues
// - configure more than 64Hz interrupts from the
// real-time clock
// - override the maximum number of consoles for console
// allocation
// - override the maximum number of keymaps
//
//
SYS_RESOURCE
// SYS_TIME allows a process to perform time manipulation of clocks:
// - alter the system clock
// - enable irix_stime on MIPS
// - set the real-time clock
SYS_TIME
// SYS_TTY_CONFIG allows a process to manipulate tty devices:
// - configure tty devices
// - perform vhangup() of a tty
SYS_TTY_CONFIG
// MKNOD allows a process to perform privileged operations with
// the mknod() system call.
MKNOD
// LEASE allows a process to take leases on files.
LEASE
// AUDIT_WRITE allows a process to write to the audit log via a
// unicast netlink socket.
AUDIT_WRITE
// AUDIT_CONTROL allows a process to configure audit logging via a
// unicast netlink socket.
AUDIT_CONTROL
// SETFCAP allows a process to set capabilities on files.
SETFCAP
// MAC_OVERRIDE allows a process to override Manditory Access Control
// (MAC) access. Not all kernels are configured with a MAC
// mechanism, but this is the capability reserved for
// overriding them.
MAC_OVERRIDE
// MAC_ADMIN allows a process to configure the Mandatory Access
// Control (MAC) policy. Not all kernels are configured
// with a MAC enabled, but if they are this capability is
// reserved for code to perform administration tasks.
MAC_ADMIN
// SYSLOG allows a process to configure the kernel's syslog
// (printk) behavior.
SYSLOG
// WAKE_ALARM allows a process to trigger something that can wake the
// system up.
WAKE_ALARM
// BLOCK_SUSPEND allows a process to block system suspends - prevent the
// system from entering a lower power state.
BLOCK_SUSPEND
// AUDIT_READ allows a process to read the audit log via a multicast
// netlink socket.
AUDIT_READ
// PERFMON allows a process to enable observability of privileged
// operations related to performance. The mechanisms
// include perf_events, i915_perf and other kernel
// subsystems.
PERFMON
// BPF allows a process to manipulate aspects of the kernel
// enhanced Berkeley Packet Filter (BPF) system. This is
// an execution subsystem of the kernel, that manages BPF
// programs. cap.BPF permits a process to:
// - create all types of BPF maps
// - advanced verifier features:
// - indirect variable access
// - bounded loops
// - BPF to BPF function calls
// - scalar precision tracking
// - larger complexity limits
// - dead code elimination
// - potentially other features
//
// Other capabilities can be used together with cap.BFP to
// further manipulate the BPF system:
// - cap.PERFMON relaxes the verifier checks as follows:
// - BPF programs can use pointer-to-integer
// conversions
// - speculation attack hardening measures can be
// bypassed
// - bpf_probe_read to read arbitrary kernel memory is
// permitted
// - bpf_trace_printk to print the content of kernel
// memory
// - cap.SYS_ADMIN permits the following:
// - use of bpf_probe_write_user
// - iteration over the system-wide loaded programs,
// maps, links BTFs and convert their IDs to file
// descriptors.
// - cap.PERFMON is required to load tracing programs.
// - cap.NET_ADMIN is required to load networking
// programs.
BPF
// CHECKPOINT_RESTORE allows a process to perform checkpoint
// and restore operations. Also permits
// explicit PID control via clone3() and
// also writing to ns_last_pid.
CHECKPOINT_RESTORE
)
var names = map[Value]string{
CHOWN: "cap_chown",
DAC_OVERRIDE: "cap_dac_override",
DAC_READ_SEARCH: "cap_dac_read_search",
FOWNER: "cap_fowner",
FSETID: "cap_fsetid",
KILL: "cap_kill",
SETGID: "cap_setgid",
SETUID: "cap_setuid",
SETPCAP: "cap_setpcap",
LINUX_IMMUTABLE: "cap_linux_immutable",
NET_BIND_SERVICE: "cap_net_bind_service",
NET_BROADCAST: "cap_net_broadcast",
NET_ADMIN: "cap_net_admin",
NET_RAW: "cap_net_raw",
IPC_LOCK: "cap_ipc_lock",
IPC_OWNER: "cap_ipc_owner",
SYS_MODULE: "cap_sys_module",
SYS_RAWIO: "cap_sys_rawio",
SYS_CHROOT: "cap_sys_chroot",
SYS_PTRACE: "cap_sys_ptrace",
SYS_PACCT: "cap_sys_pacct",
SYS_ADMIN: "cap_sys_admin",
SYS_BOOT: "cap_sys_boot",
SYS_NICE: "cap_sys_nice",
SYS_RESOURCE: "cap_sys_resource",
SYS_TIME: "cap_sys_time",
SYS_TTY_CONFIG: "cap_sys_tty_config",
MKNOD: "cap_mknod",
LEASE: "cap_lease",
AUDIT_WRITE: "cap_audit_write",
AUDIT_CONTROL: "cap_audit_control",
SETFCAP: "cap_setfcap",
MAC_OVERRIDE: "cap_mac_override",
MAC_ADMIN: "cap_mac_admin",
SYSLOG: "cap_syslog",
WAKE_ALARM: "cap_wake_alarm",
BLOCK_SUSPEND: "cap_block_suspend",
AUDIT_READ: "cap_audit_read",
PERFMON: "cap_perfmon",
BPF: "cap_bpf",
CHECKPOINT_RESTORE: "cap_checkpoint_restore",
}
var bits = map[string]Value{
"cap_chown": CHOWN,
"cap_dac_override": DAC_OVERRIDE,
"cap_dac_read_search": DAC_READ_SEARCH,
"cap_fowner": FOWNER,
"cap_fsetid": FSETID,
"cap_kill": KILL,
"cap_setgid": SETGID,
"cap_setuid": SETUID,
"cap_setpcap": SETPCAP,
"cap_linux_immutable": LINUX_IMMUTABLE,
"cap_net_bind_service": NET_BIND_SERVICE,
"cap_net_broadcast": NET_BROADCAST,
"cap_net_admin": NET_ADMIN,
"cap_net_raw": NET_RAW,
"cap_ipc_lock": IPC_LOCK,
"cap_ipc_owner": IPC_OWNER,
"cap_sys_module": SYS_MODULE,
"cap_sys_rawio": SYS_RAWIO,
"cap_sys_chroot": SYS_CHROOT,
"cap_sys_ptrace": SYS_PTRACE,
"cap_sys_pacct": SYS_PACCT,
"cap_sys_admin": SYS_ADMIN,
"cap_sys_boot": SYS_BOOT,
"cap_sys_nice": SYS_NICE,
"cap_sys_resource": SYS_RESOURCE,
"cap_sys_time": SYS_TIME,
"cap_sys_tty_config": SYS_TTY_CONFIG,
"cap_mknod": MKNOD,
"cap_lease": LEASE,
"cap_audit_write": AUDIT_WRITE,
"cap_audit_control": AUDIT_CONTROL,
"cap_setfcap": SETFCAP,
"cap_mac_override": MAC_OVERRIDE,
"cap_mac_admin": MAC_ADMIN,
"cap_syslog": SYSLOG,
"cap_wake_alarm": WAKE_ALARM,
"cap_block_suspend": BLOCK_SUSPEND,
"cap_audit_read": AUDIT_READ,
"cap_perfmon": PERFMON,
"cap_bpf": BPF,
"cap_checkpoint_restore": CHECKPOINT_RESTORE,
}
|