Skip to content
/ caps Public

pure-Go minimalist package for getting and setting the capabilities of Linux tasks (threads). No need for linking with libcap.

License

Notifications You must be signed in to change notification settings

thediveo/caps

Repository files navigation

caps

PkgGoDev License Build and Test Coverage Go Report Card

A pure-Go minimalist package for getting and setting the capabilities of Linux tasks (threads). No need for linking with libcap.

Example: Dropping and Regaining Effective Capabilities

To drop the calling task's effective capabilities only, without dropping the permitted capabilities:

// Make sure to lock this Go routine to its current OS-level task (thread).
runtime.LockOSThread()

origcaps := caps.OfThisTask()
dropped := origcaps.Clone()
dropped.Effective.Clear()
caps.SetForThisTask(dropped)

To regain only a specific effective capability:

dropped.Effective.Add(caps.CAP_SYS_ADMIN)
caps.SetForThisTask(dropped)

And finally to regain all originally effective capabilities:

caps.SetForThisTask(origcaps)

Go Version Support

caps supports versions of Go that are noted by the Go release policy, that is, major versions N and N-1 (where N is the current major version).

Contributing

Please see CONTRIBUTING.md.

Copyright and License

caps is Copyright 2023 Harald Albrecht, and licensed under the Apache License, Version 2.0.

About

pure-Go minimalist package for getting and setting the capabilities of Linux tasks (threads). No need for linking with libcap.

Resources

License

Stars

Watchers

Forks

Packages

No packages published