1 /* 2 * Copyright (C) 2015 Etienne CHAMPETIER <champetier.etienne@gmail.com> 3 * 4 * This program is free software; you can redistribute it and/or modify 5 * it under the terms of the GNU Lesser General Public License version 2.1 6 * as published by the Free Software Foundation 7 * 8 * This program is distributed in the hope that it will be useful, 9 * but WITHOUT ANY WARRANTY; without even the implied warranty of 10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 11 * GNU General Public License for more details. 12 */ 13 #ifndef _JAIL_CAPABILITIES_H_ 14 #define _JAIL_CAPABILITIES_H_ 15 16 #include <libubox/blobmsg.h> 17 #include <linux/capability.h> 18 19 struct jail_capset { 20 uint64_t bounding; 21 uint64_t effective; 22 uint64_t inheritable; 23 uint64_t permitted; 24 uint64_t ambient; 25 uint8_t apply; 26 }; 27 28 int parseOCIcapabilities(struct jail_capset *capset, struct blob_attr *msg); 29 int parseOCIcapabilities_from_file(struct jail_capset *capset, const char *file); 30 int applyOCIcapabilities(struct jail_capset capset, uint64_t retain); 31 32 /* capget/capset syscall wrappers are provided by libc */ 33 extern int capget(cap_user_header_t header, cap_user_data_t data); 34 extern int capset(cap_user_header_t header, const cap_user_data_t data); 35 36 #endif 37
This page was automatically generated by LXR 0.3.1. • OpenWrt