source: chapter08/libcap.xml@ 6134551

xry111/usr-move
Last change on this file since 6134551 was 6134551, checked in by Xi Ruoyao <xry111@…>, 21 months ago

usr-move: libcap: adjust the permission of shared libraries

  • Property mode set to 100644
File size: 5.3 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../general.ent">
5 %general-entities;
6]>
7
8<sect1 id="ch-system-libcap" role="wrap">
9 <?dbhtml filename="libcap.html"?>
10
11 <sect1info condition="script">
12 <productname>libcap</productname>
13 <productnumber>&libcap-version;</productnumber>
14 <address>&libcap-url;</address>
15 </sect1info>
16
17 <title>Libcap-&libcap-version;</title>
18
19 <indexterm zone="ch-system-libcap">
20 <primary sortas="a-Libcap">Libcap</primary>
21 </indexterm>
22
23 <sect2 role="package">
24 <title/>
25
26 <para>The Libcap package implements the user-space interfaces to the POSIX
27 1003.1e capabilities available in Linux kernels. These capabilities are a
28 partitioning of the all powerful root privilege into a set of distinct
29 privileges.</para>
30
31 <segmentedlist>
32 <segtitle>&buildtime;</segtitle>
33 <segtitle>&diskspace;</segtitle>
34
35 <seglistitem>
36 <seg>&libcap-fin-sbu;</seg>
37 <seg>&libcap-fin-du;</seg>
38 </seglistitem>
39 </segmentedlist>
40
41 </sect2>
42
43 <sect2 role="installation">
44 <title>Installation of Libcap</title>
45
46 <para>Prevent static libraries from being installed:</para>
47
48<screen><userinput remap="pre">sed -i '/install -m.*STA/d' libcap/Makefile</userinput></screen>
49
50 <para>Compile the package:</para>
51
52<screen><userinput remap="make">make prefix=/usr lib=lib</userinput></screen>
53
54 <variablelist>
55 <title>The meaning of the make option:</title>
56
57 <varlistentry>
58 <term><parameter>lib=lib</parameter></term>
59 <listitem>
60 <para>This parameter sets the library directory to
61 <filename>/usr/lib</filename> rather than
62 <filename>/usr/lib64</filename> on x86_64. It has no effect on
63 x86.</para>
64 </listitem>
65 </varlistentry>
66 </variablelist>
67
68 <para>To test the results, issue:</para>
69
70<screen><userinput remap="test">make test</userinput></screen>
71
72 <para>Install the package:</para>
73
74<screen><userinput remap="install">make prefix=/usr lib=lib install</userinput></screen>
75
76 <para revision="sysv">Make sure the essential libraries are in
77 the correct directory:</para>
78
79<screen revision="sysv"><userinput remap="install">for libname in cap psx; do
80 mv -v /usr/lib/lib${libname}.so.* /lib
81 ln -sfv ../../lib/lib${libname}.so.2 /usr/lib/lib${libname}.so
82done</userinput></screen>
83
84 <para>Adjust the permission of the shared libraries:</para>
85
86<screen><userinput remap="install">chmod -v 755 /lib/lib{cap,psx}.so.&libcap-version;</userinput></screen>
87
88 </sect2>
89
90 <sect2 id="contents-libcap" role="content">
91 <title>Contents of Libcap</title>
92
93 <segmentedlist>
94 <segtitle>Installed programs</segtitle>
95 <segtitle>Installed library</segtitle>
96
97 <seglistitem>
98 <seg>capsh, getcap, getpcaps, and setcap</seg>
99 <seg>libcap.so and libpsx.so</seg>
100 </seglistitem>
101 </segmentedlist>
102
103 <variablelist>
104 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
105 <?dbfo list-presentation="list"?>
106 <?dbhtml list-presentation="table"?>
107
108 <varlistentry id="capsh">
109 <term><command>capsh</command></term>
110 <listitem>
111 <para>A shell wrapper to explore and constrain capability support</para>
112 <indexterm zone="ch-system-libcap capsh">
113 <primary sortas="b-capsh">capsh</primary>
114 </indexterm>
115 </listitem>
116 </varlistentry>
117
118 <varlistentry id="getcap">
119 <term><command>getcap</command></term>
120 <listitem>
121 <para>Examines file capabilities</para>
122 <indexterm zone="ch-system-libcap getcap">
123 <primary sortas="b-getcap">getcap</primary>
124 </indexterm>
125 </listitem>
126 </varlistentry>
127
128 <varlistentry id="getpcaps">
129 <term><command>getpcaps</command></term>
130 <listitem>
131 <para>Displays the capabilities on the queried process(es)</para>
132 <indexterm zone="ch-system-libcap getpcaps">
133 <primary sortas="b-getpcaps">getpcaps</primary>
134 </indexterm>
135 </listitem>
136 </varlistentry>
137
138 <varlistentry id="setcap">
139 <term><command>setcap</command></term>
140 <listitem>
141 <para>Sets file capabilities</para>
142 <indexterm zone="ch-system-libcap setcap">
143 <primary sortas="b-setcap">setcap</primary>
144 </indexterm>
145 </listitem>
146 </varlistentry>
147
148 <varlistentry id="libcap">
149 <term><filename class="libraryfile">libcap</filename></term>
150 <listitem>
151 <para>Contains the library functions for manipulating POSIX 1003.1e
152 capabilities</para>
153 <indexterm zone="ch-system-libcap libcap">
154 <primary sortas="c-libcap">libcap</primary>
155 </indexterm>
156 </listitem>
157 </varlistentry>
158
159 <varlistentry id="libpsx">
160 <term><filename class="libraryfile">libpsx</filename></term>
161 <listitem>
162 <para>Contains functions to support POSIX semantics for syscalls
163 associated with the pthread library</para>
164 <indexterm zone="ch-system-libcap libpsx">
165 <primary sortas="c-libpsx">libpsx</primary>
166 </indexterm>
167 </listitem>
168 </varlistentry>
169
170 </variablelist>
171
172 </sect2>
173
174</sect1>
Note: See TracBrowser for help on using the repository browser.