1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
.\" Copyright, the authors of the Linux man-pages project
.\"
.\" SPDX-License-Identifier: Linux-man-pages-copyleft
.\"
.TH PR_CAP_AMBIENT_RAISE 2const 2025-05-17 "Linux man-pages (unreleased)"
.SH NAME
PR_CAP_AMBIENT_RAISE
\-
add to the ambient capability set of the calling thread
.SH LIBRARY
Standard C library
.RI ( libc ,\~ \-lc )
.SH SYNOPSIS
.nf
.BR "#include <linux/prctl.h>" " /* Definition of " PR_* " constants */"
.B #include <sys/prctl.h>
.P
.BI "int prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_RAISE, long " cap ", 0L, 0L);"
.fi
.SH DESCRIPTION
The capability specified in
.I cap
is added to the ambient capability set.
The specified capability must already be present in
both the permitted and the inheritable sets of the process.
This operation is not permitted if the
.B SECBIT_NO_CAP_AMBIENT_RAISE
securebit is set.
.SH RETURN VALUE
On success,
0 is returned.
On error, \-1 is returned, and
.I errno
is set to indicate the error.
.SH ERRORS
.TP
.B EINVAL
.I cap
does not specify a valid capability.
.TP
.B EPERM
either the capability specified in
.I cap
is not present in the process's permitted and inheritable capability sets,
or the
.B PR_CAP_AMBIENT_LOWER
securebit has been set.
.SH VERSIONS
See
.BR PR_CAP_AMBIENT (2const).
.SH STANDARDS
Linux.
.SH HISTORY
Linux 4.3.
.\" commit 58319057b7847667f0c9585b9de0e8932b0fdb08
.SH SEE ALSO
.BR prctl (2),
.BR PR_CAP_AMBIENT (2const),
.BR libcap (3)
|
