On 4/21/21 7:53 PM, swarna latha wrote:
> Hi Seth,
>
> Thank you for your immediate response. I have followed as per your suggestion.
>
> My header file name is common_caps
>
> cat common_caps:
> capability chown dac_override dac_read_search fowner fsetid kill ipc_lock
> sys_nice setpcap
Hi Seth,
Thank you for your immediate response. I have followed as per your
suggestion.
My header file name is common_caps
cat common_caps:
capability chown dac_override dac_read_search fowner fsetid kill ipc_lock
sys_nice setpcap ipc_owner sys_ptrace sys_chroot,
profile Test /usr/bin/ping
On Wed, Apr 21, 2021 at 09:41:23AM -0400, swarna latha wrote:
> Can someone throw lights on how to implement a set of default
> capabilities to be added in all profiles (preferably in header file)
Hello Swarna, I gave advice to someone else recently that's probably
applicable to your case, too:
Hi,
We are working on enforcing profile for a process. This process uses a
library to
run the process in non-root mode, which in turn needs a set of
capabilities.
When creating a profile, we want this capabilities to be kept separate and
want this to be included. when we tried to add the