%general-entities; ]> $LastChangedBy$ $Date$ libcap The libcap package was installed in LFS, but if Linux-PAM support is desired, the PAM module must be built (after installation of Linux-PAM). &lfs10_checked; Package Information Download (HTTP): Download (FTP): Download MD5 sum: &libcap-md5sum; Download size: &libcap-size; Estimated disk space required: &libcap-buildsize; Estimated build time: &libcap-time; libcap Dependencies Required User Notes: If you are upgrading libcap from a previous version, use the instructions in LFS libcap page to upgrade libcap. If has been built, the PAM module will automatically be built too. Install libcap by running the following commands: make -C pam_cap This package does not come with a test suite. Now, as the root user: install -v -m755 pam_cap/pam_cap.so /lib/security && install -v -m644 pam_cap/capability.conf /etc/security In order to allow Linux-PAM to grant privileges based on POSIX capabilites, you need to add the libcap module to the begining of the /etc/pam.d/system-auth file. Make the required edits with the following commands: mv -v /etc/pam.d/system-auth{,.bak} && cat > /etc/pam.d/system-auth << "EOF" && # Begin /etc/pam.d/system-auth auth optional pam_cap.so EOF tail -n +3 /etc/pam.d/system-auth.bak >> /etc/pam.d/system-auth Additonally, you'll need to modify the /etc/security/capability.conf file to grant necessary privileges to users, and utilize the setcap utility to set capabilities on specific utilities as needed. See man 8 setcap and man 3 cap_from_text for additional information. Installed Programs Installed Library Installed Directories None pam_cap.so None