Quoting KaiGai Kohei ([EMAIL PROTECTED]): > Andrew Morgan, > > >> I'll post the patch of setfcaps/getfcap for his tree. > >> I believe it is better way to maintain. > >> > >> Thanks, > > The following patch to libcap enables to display file capabilities > recursively on the enumerated directories when -r is specified. > > In addition, some other features are ported from my getfcap. > When an entry contains no file-capabilities, displaying it will be > skipped without returning an error. However, -v option enables to > display those filenames with no capabilities. > -h options displays short usage message. > > Please consider to apply it on your tree. > > EXAMPLE: > [EMAIL PROTECTED] libcap]$ ./progs/getcap -r /tmp > /tmp/ping = cap_net_raw+ep > [EMAIL PROTECTED] libcap]$
So I'm unclear - is there going to be one definitive libcap tree? I downloaded Adnrew's tree, but it didn't seem to have a copy of setfcaps.c and getfcaps.c at all. I defined CAP_NS_UNSHARE as bit 32 as an experiment, and had to do some finagling/combination of both of your trees to do so... Though that aside I'm pleased to say it all worked perfectly. -serge - To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
