Hi,

I've recently been digging into setpriv from util-linux and implemented ambient capabilities. I've been surprised to find this tool in busybox, even though it is still rather restrained due to just supporting the `--nnp` flag. I took the opportunity and implemented most of the flags I need to replace util-linux's setpriv with the busybox one. I'm sorry if my work crosses anybody else's work due to me not coordinating these changes.

Anyway. These patches implement the ability to dump most of the information that setpriv outputs via `setpriv --dump` (excluding securebits and the increased verbosity mode of setpriv when specifying `--dump` multiple times). Furthermore, I've added the ability to modify the set of inheritable and ambient capabilities via `--inh-caps` and `--ambient-caps`. Note that the second option is not yet part of any release of util-linux, but it has been applied upstream and will probably be part of util-linux v2.31.

I first want to gauge interest in increasing the scope of setpriv with these patches. If you as a project are interested, I'll implement additional missing bits such as changing users and groups, making it complete for at least my own use cases.

Regards
Patrick

Patrick Steinhardt (9):
  setpriv: do not process remaining args
  setpriv: prepare option parsing logic for additional opts
  setpriv: dump user and group info
  setpriv: dump no-new-privs info
  setpriv: dump inheritable capability set
  setpriv: dump capability bounding set
  setpriv: dump ambient capabilities
  setpriv: allow modifying inheritable caps
  setpriv: allow modifying ambient capabilities

 util-linux/setpriv.c | 341 +++++++++++++++++++++++++++++++++++++++++++++++++--
 1 file changed, 333 insertions(+), 8 deletions(-)

--
2.13.2
