本文整理汇总了C++中cap_free函数的典型用法代码示例。如果您正苦于以下问题:C++ cap_free函数的具体用法?C++ cap_free怎么用?C++ cap_free使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了cap_free函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: bug
/* n.b. yes I know I should be using libcap!! */
int retval;
struct __user_cap_header_struct cap_head;
struct __user_cap_data_struct cap_data;
__u32 cap_mask = 0;
if (!caps)
{
bug("asked to adopt no capabilities");
}
vsf_sysutil_memclr(&cap_head, sizeof(cap_head));
vsf_sysutil_memclr(&cap_data, sizeof(cap_data));
cap_head.version = _LINUX_CAPABILITY_VERSION;
cap_head.pid = 0;
if (caps & kCapabilityCAP_CHOWN)
{
cap_mask |= (1 << CAP_CHOWN);
}
if (caps & kCapabilityCAP_NET_BIND_SERVICE)
{
cap_mask |= (1 << CAP_NET_BIND_SERVICE);
}
cap_data.effective = cap_data.permitted = cap_mask;
cap_data.inheritable = 0;
retval = capset(&cap_head, &cap_data);
if (retval != 0)
{
die("capset");
}
}
#else /* VSF_SYSDEP_HAVE_LIBCAP */
static int
do_checkcap(void)
{
cap_t current_caps = cap_get_proc();
cap_free(current_caps);
if (current_caps != NULL)
{
return 1;
}
return 0;
}
示例2: am_privileged
static int am_privileged(void)
{
int am_privileged = 1;
cap_t cap = cap_get_proc();
if (eff_caps_empty(cap))
am_privileged = 0;
cap_free(cap);
return am_privileged;
}
示例3: nsm_clear_capabilities
static _Bool
nsm_clear_capabilities(void)
{
cap_t caps;
caps = cap_from_text("cap_net_bind_service=ep");
if (caps == NULL) {
xlog(L_ERROR, "Failed to allocate capability: %m");
return false;
}
if (cap_set_proc(caps) == -1) {
xlog(L_ERROR, "Failed to set capability flags: %m");
(void)cap_free(caps);
return false;
}
(void)cap_free(caps);
return true;
}
示例4: cpucaps_project_remove
/*
* The project is going away so disable its cap.
*/
void
cpucaps_project_remove(kproject_t *kpj)
{
mutex_enter(&caps_lock);
if (PROJECT_IS_CAPPED(kpj))
cap_project_disable(kpj);
if (kpj->kpj_cpucap != NULL) {
cap_free(kpj->kpj_cpucap);
kpj->kpj_cpucap = NULL;
}
mutex_exit(&caps_lock);
}
示例5: ruid_child_init
/* run after child init we are uid User and gid Group */
static void ruid_child_init (apr_pool_t *p, server_rec *s)
{
UNUSED(s);
int ncap;
cap_t cap;
cap_value_t capval[4];
/* detect default supplementary group IDs */
if ((startup_groupsnr = getgroups(RUID_MAXGROUPS, startup_groups)) == -1) {
startup_groupsnr = 0;
ap_log_error (APLOG_MARK, APLOG_ERR, 0, NULL, "%s ERROR getgroups() failed on child init, ignoring supplementary group IDs", MODULE_NAME);
}
/* setup chroot jailbreak */
if (chroot_used == RUID_CHROOT_USED && cap_mode == RUID_CAP_MODE_KEEP) {
if ((root_handle = open("/.", O_RDONLY)) < 0) {
root_handle = UNSET;
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, "%s CRITICAL ERROR opening root file descriptor failed (%s)", MODULE_NAME, strerror(errno));
} else if (fcntl(root_handle, F_SETFD, FD_CLOEXEC) < 0) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, "%s CRITICAL ERROR unable to set close-on-exec flag on root file descriptor (%s)", MODULE_NAME, strerror(errno));
if (close(root_handle) < 0)
ap_log_error (APLOG_MARK, APLOG_ERR, 0, NULL, "%s CRITICAL ERROR closing root file descriptor (%d) failed", MODULE_NAME, root_handle);
root_handle = UNSET;
} else {
/* register cleanup function */
apr_pool_cleanup_register(p, (void*)((long)root_handle), ruid_child_exit, apr_pool_cleanup_null);
}
} else {
root_handle = (chroot_used == RUID_CHROOT_USED ? NONE : UNSET);
}
/* init cap with all zeros */
cap = cap_init();
capval[0] = CAP_SETUID;
capval[1] = CAP_SETGID;
ncap = 2;
if (mode_stat_used == RUID_MODE_STAT_USED) {
capval[ncap++] = CAP_DAC_READ_SEARCH;
}
if (root_handle != UNSET) {
capval[ncap++] = CAP_SYS_CHROOT;
}
cap_set_flag(cap, CAP_PERMITTED, ncap, capval, CAP_SET);
if (cap_set_proc(cap) != 0) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, "%s CRITICAL ERROR %s:cap_set_proc failed", MODULE_NAME, __func__);
}
cap_free(cap);
/* check if process is dumpable */
coredump = prctl(PR_GET_DUMPABLE);
}
示例6: main
int main()
{
#ifdef HAVE_LIBCAP
cap_t caps, caps2;
int ret;
caps = cap_from_text("cap_setpcap+ep");
caps2 = cap_from_text("cap_setpcap+ep");
ret = cap_set_proc(caps);
ret = cap_compare(caps, caps2);
printf("Caps were %sthe same\n", ret ? "not " : "");
cap_free(caps);
cap_free(caps2);
return ret;
#else
printf("System doesn't support full POSIX capabilities.\n");
return 1;
#endif
}
示例7: have_capabilities
static int have_capabilities(void) {
#ifdef HAVE_CAP_GET_PROC
cap_t caps = cap_get_proc();
if (caps) {
cap_flag_value_t value_p;
cap_get_flag(caps, CAP_SYS_CHROOT, CAP_EFFECTIVE,&value_p);
cap_free(caps);
return (value_p);
}
#endif /*HAVE_CAP_GET_PROC*/
return 0;
}
示例8: pycap_set_proc
static PyObject *
pycap_set_proc(PyObject *self, PyObject *args) {
char *cap_str;
cap_t cap;
if (!PyArg_ParseTuple(args, "s", &cap_str)) {
return NULL;
}
if ((cap = cap_from_text(cap_str)) == NULL) {
PyErr_SetFromErrno(PyExc_OSError);
return NULL;
}
if (cap_set_proc(cap)) {
PyErr_SetFromErrno(PyExc_OSError);
cap_free(cap);
return NULL;
}
cap_free(cap);
Py_RETURN_NONE;
}
示例9: do_cap_get_file
char *
do_cap_get_file (const char *path)
{
cap_t cap;
char *r, *ret;
CHROOT_IN;
cap = cap_get_file (path);
CHROOT_OUT;
if (cap == NULL) {
reply_with_perror ("%s", path);
return NULL;
}
r = cap_to_text (cap, NULL);
if (r == NULL) {
reply_with_perror ("cap_to_text");
cap_free (cap);
return NULL;
}
cap_free (cap);
/* 'r' is not an ordinary pointer that can be freed with free(3)!
* In the current implementation of libcap, if you try to do that it
* will segfault. We have to duplicate this into an ordinary
* buffer, then call cap_free (r).
*/
ret = strdup (r);
if (ret == NULL) {
reply_with_perror ("strdup");
cap_free (r);
return NULL;
}
cap_free (r);
return ret; /* caller frees */
}
示例10: set_caps_from_text
int set_caps_from_text(char *capstr)
{
cap_t caps = cap_from_text(capstr);
int ret;
if (!caps) {
tst_resm(TFAIL, "Bad capability name: %s\n", capstr);
return 1;
}
ret = cap_set_proc(caps);
cap_free(caps);
return ret;
}
示例11: do_cap_set
static int do_cap_set(cap_value_t *cap_value, int size, int reset)
{
cap_t caps;
if (reset) {
/*
* Start with an empty set and set permitted and effective
*/
caps = cap_init();
if (caps == NULL) {
do_perror("cap_init");
return -1;
}
if (cap_set_flag(caps, CAP_PERMITTED, size, cap_value, CAP_SET) < 0) {
do_perror("cap_set_flag");
goto error;
}
} else {
caps = cap_get_proc();
if (!caps) {
do_perror("cap_get_proc");
return -1;
}
}
if (cap_set_flag(caps, CAP_EFFECTIVE, size, cap_value, CAP_SET) < 0) {
do_perror("cap_set_flag");
goto error;
}
if (cap_set_proc(caps) < 0) {
do_perror("cap_set_proc");
goto error;
}
cap_free(caps);
return 0;
error:
cap_free(caps);
return -1;
}
示例12: fsmSetFCaps
static int fsmSetFCaps(const char *path, const char *captxt)
{
int rc = 0;
#if WITH_CAP
if (captxt && *captxt != '\0') {
cap_t fcaps = cap_from_text(captxt);
if (fcaps == NULL || cap_set_file(path, fcaps) != 0) {
rc = RPMERR_SETCAP_FAILED;
}
cap_free(fcaps);
}
#endif
return rc;
}
示例13: _clrcap
static void
_clrcap (char *s, cap_value_t capflag)
{
cap_t cap;
if (!(cap = cap_get_proc ()))
err_exit ("%s: cap_get_proc", s);
if (cap_set_flag (cap, CAP_EFFECTIVE, 1, &capflag, CAP_CLEAR) < 0)
err_exit ("%s: cap_set_flag", s);
if (cap_set_proc (cap) < 0)
err_exit ("%s: cap_set_proc", s);
if (cap_free (cap) < 0)
err_exit ("%s: cap_free", s);
}
示例14: _prtcap
static void
_prtcap (char *s, cap_value_t capflag)
{
cap_t cap;
cap_flag_value_t val;
if (!(cap = cap_get_proc ()))
err_exit ("%s: cap_get_proc", s);
if (cap_get_flag (cap, capflag, CAP_EFFECTIVE, &val) < 0)
err_exit ("%s: cap_get_flag", s);
if (cap_free (cap) < 0)
err_exit ("%s: cap_free", s);
msg ("%s: cap is %s", s, val == CAP_SET ? "set" : "clear");
}
示例15: lxc_caps_up
int lxc_caps_up(void)
{
cap_t caps;
cap_value_t cap;
int ret;
/* when we are run as root, we don't want to play
* with the capabilities */
if (!getuid())
return 0;
caps = cap_get_proc();
if (!caps) {
ERROR("failed to cap_get_proc: %m");
return -1;
}
//设置程序能力
for (cap = 0; cap <= CAP_LAST_CAP; cap++) {
cap_flag_value_t flag;
ret = cap_get_flag(caps, cap, CAP_PERMITTED, &flag);
if (ret) {
if (errno == EINVAL) {
INFO("Last supported cap was %d\n", cap-1);
break;
} else {
ERROR("failed to cap_get_flag: %m");
goto out;
}
}
ret = cap_set_flag(caps, CAP_EFFECTIVE, 1, &cap, flag);
if (ret) {
ERROR("failed to cap_set_flag: %m");
goto out;
}
}
ret = cap_set_proc(caps);
if (ret) {
ERROR("failed to cap_set_proc: %m");
goto out;
}
out:
cap_free(caps);
return 0;
}