Sunday, May 5, 2024
Homepage · setcap
 Popular · Latest · Hot · Upcoming
20
rated 0 times [  20] [ 0]  / answers: 1 / hits: 8963  / 2 Years ago, mon, may 9, 2022, 4:07:42

When using setcap for a file, is this change permanent or do I have to invoke setcap somewhere at boot time?



setcap cap_sys_nice fooexecutable

More From » setcap
 Answers
3

The setcap on the file stores the capabilities in an extended attribute with a call to setxattr. This extended attribute is stored like other attributes (ownership, rights...) in the filesystem.




Since kernel 2.6.24, the kernel supports associating capability sets
with an executable file using setcap(8). The file capability sets are
stored in an extended attribute (see setxattr(2)) named
security.capability.




So, you don't have to reset your cap on each reboot.


[#41139] Tuesday, May 10, 2022, 2 Years  [reply] [flag answer]
Only authorized users can answer the question. Please sign in first, or register a free account.
hergy
Add To Favorites
Follow
Total Points: 64
Total Questions: 115
Total Answers: 109
Location: Saint Helena
Member since Tue, Nov 3, 2020
4 Years ago
;