Linux-Capabilities
view release on metacpan or search on metacpan
lib/Linux/Capabilities.pod view on Meta::CPAN
=head1 DESCRIPTION
Linux::Capabilities contains a number of very fast useful functions, written in C.
=head1 SYNOPSIS
use Linux::Capabilities;
my $caps_self = Linux::Capabilities->new;# Creating capabilities list for self proccess
my $caps_other = Linux::Capabilities->new(5432);# Creating capabilities list for proccess with pid 5432
my $caps_by_text = Linux::Capabilities->new("all=epi cap_chown-p");# Creating capabilities list from text as in system call cap_from_text
my $caps_empty = Linux::Capabilities->empty;# Creating empty capabilities set
my $caps_from_file = Linux::Capabilities->from_file("./file");# Creating capabilities set from file
print $caps_self->get_text;
my $all_caps = $caps_self0->get_all;# Hash with capabilities
my $cap_chown = $caps_self->get_value(CAP_CHOWN);
my $cap_kill_effective = $caps_self->get_value(CAP_KILL, CAP_EFFECTIVE);
$cap_self->raise;
$cap_self->raise(CAP_CHOWN);
$cap_self->raise([CAP_CHOWN, CAP_KILL]);
$cap_self->raise(CAP_CHOWN, CAP_EFFECTIVE);
$cap_self->raise(CAP_CHOWN, [CAP_EFFECTIVE, CAP_PERMITTED]);
$cap_self->raise([CAP_CHOWN, CAP_KILL], [CAP_EFFECTIVE, CAP_PERMITTED]);
$cap_self->drop;
lib/Linux/Capabilities.pod view on Meta::CPAN
=head2 is_supported
$caps->is_supported(12);
Linux::Capabilities::is_supported(12);
is_supported will return 1 if capability that you passed there is supported on your system and 0 otherwise.
=head2 get_name
my $name1 = $caps->get_name(CAP_CHOWN); # $name1 = "cap_chown"
my $name2 = Linux::Capabilities::get_name(CAP_NET_BIND_SERVICE); # $name2 = "cap_net_bind_service"
=head2 new
my $cap = Linux::Capability->new;
returns object that is working with capability set
=over
=item new
Object is created with capability set from current proccess.
=item new(5432)
Object is created with capability set from procces with pid that you pass to new.
=item new("cap_chown=e")
Object is created with capability set made from input string, as in system call cap_from_text in Linux.
=back
=head2 from_file
my $caps = Linux::Capabilities->from_file("./foo.pl");
Object is created with capability set from a file.
=head2 empty
Object is created with clear capability set.
=head2 get_text
Returns text made from capability set, same as system call cap_to_text in Linux.
my $cap_text = Linux::Capabilities->new("cap_chown=p");
$cap_text will be set to "cap_chown=p"
=head2 get_all
Returns capability set as hash reference:
my $caps = Linux::Capabilities->new("cap_chown=ep cap_kill=i");
my $cap_all = $caps->get_all;
$cap_all will be set to:
{
cap_chown => {
effective => 1,
permitted => 1,
inheritable => 0
},
cap_kill => {
effective => 0,
permitted => 0,
inheritable => 1
}
}
=head2 get_value
Returns capability flags as hash reference:
my $caps = Linux::Capabilities->new("cap_chown=ep cap_kill=i");
my $cap_chown = $cap_all->get_value(CAP_CHOWN);
$cap_chown will be set to:
{
effective => 1,
permitted => 1,
inheritable => 0,
}
=head2 get_value_flag
Returns value of a flag in capability(i.e. flag effective in CAP_CHOWN);
my $caps = Linux::Capabilities->new("cap_chown=ep cap_kill=i");
my $cap_chown_eff = $cap_all->get_value_flag(CAP_CHOWN, CAP_EFFECTIVE);
$cap_chown_eff will be set to 1
=head2 raise
raise is used to make flags state CAP_SET in your current capabilities set.
=over
=item raise
$caps->raise;
t/02-constructor.t view on Meta::CPAN
use FindBin;
use Linux::Capabilities;
my $obj = Linux::Capabilities->empty;
ok $obj, 'constructed';# "creating my capabilities set"
my $obj = Linux::Capabilities->new;
ok $obj, 'constructed';# "creating my capabilities set"
$obj = Linux::Capabilities->new("cap_chown=p");
ok $obj, 'constructed';# "creating capabilities set by string"
my $pid = $$;
$obj = Linux::Capabilities->new($$);
ok $obj, 'constructed';# "creating some(pid: $pid) proccess capabilities set"
my $bad_pid = 1234567890;
throws_ok(sub { Linux::Capabilities->new($bad_pid); }, qr/can't access proccess, pid: $bad_pid/, "constructing from bad pid");
my $bad_string = "bad_string";
t/05-get_value(_flag).t view on Meta::CPAN
use Test::More;
use Test::Deep;
use Linux::Capabilities;
my $str = "cap_chown+ep cap_kill=i";
my $cap = Linux::Capabilities->new($str);
cmp_deeply($cap->get_value(CAP_CHOWN), {
effective => 1,
permitted => 1,
inheritable => 0,
}, "get cap_chown flags");
is $cap->get_value_flag(CAP_CHOWN, CAP_EFFECTIVE), 1;
is $cap->get_value_flag(CAP_CHOWN, CAP_PERMITTED), 1;
is $cap->get_value_flag(CAP_CHOWN, CAP_INHERITABLE), 0;
cmp_deeply($cap->get_value(CAP_KILL), {
effective => 0,
permitted => 0,
inheritable => 1,
}, "get cap_kill flags");
t/08-get_all.t view on Meta::CPAN
use Test::More;
use Test::Deep;
use Test::Exception;
use Linux::Capabilities;
my $cap = Linux::Capabilities->new("cap_chown=pi cap_kill=e");
cmp_deeply($cap->get_all, {
cap_chown => {
effective => 0,
permitted => 1,
inheritable => 1,
},
cap_kill => {
effective => 1,
permitted => 0,
inheritable => 0,
},
}, "get_all capabilities");
t/09-get_name.t view on Meta::CPAN
use Test::More;
use Test::Exception;
use Linux::Capabilities;
my $str = "cap_kill+ep";
my $cap = Linux::Capabilities->empty;
is (lc $cap->get_name(CAP_CHOWN), "cap_chown");
is (lc $cap->get_name(CAP_AUDIT_READ), "cap_audit_read");
is (lc Linux::Capabilities::get_name(CAP_CHOWN), "cap_chown");
is (lc Linux::Capabilities::get_name(CAP_AUDIT_READ), "cap_audit_read");
my $bad_val = -1;
throws_ok(sub { $cap->get_name($bad_val); }, qr/bad value: $bad_val/, "get_name on not existing capabilitie");
done_testing;
( run in 1.323 second using v1.01-cache-2.11-cpan-71847e10f99 )