package cap

/* ** DO NOT EDIT THIS FILE. IT WAS AUTO-GENERATED BY LIBCAP'S GO BUILDER (mknames.go) ** */

// NamedCount holds the number of capability values with official
// names known at the time this libcap/cap version was released. The
// "../libcap/cap" package is fully able to manipulate higher numbered
// capability values by numerical value. However, if you find
// cap.NamedCount < cap.MaxBits(), it is probably time to upgrade this
// package on your system.
//
// FWIW the userspace tool '/sbin/capsh' also contains a runtime check
// for the condition that libcap is behind the running kernel in this
// way.
//
// The value equals the number of constants declared in the block
// below (CHOWN = 0 through CHECKPOINT_RESTORE = 40).
const NamedCount = 41

// CHOWN etc., are the named capability values of the Linux
// kernel. The canonical source for each name is the
// "uapi/linux/capabilities.h" file. Some values may not be available
// (yet) where the kernel is older. The actual number of capabilities
// supported by the running kernel can be obtained using the
// cap.MaxBits() function.
//
// The numeric value of each constant is assigned by iota, so the
// declaration order below is significant: inserting, removing or
// reordering an entry renumbers every capability that follows it.
const (
	// CHOWN allows a process to arbitrarily change the user and
	// group ownership of a file.
	CHOWN Value = iota

	// DAC_OVERRIDE allows a process to override all Discretionary
	// Access Control (DAC) access, including ACL execute
	// access. That is read, write or execute files that the
	// process would otherwise not have access to. This
	// excludes DAC access covered by cap.LINUX_IMMUTABLE.
	DAC_OVERRIDE

	// DAC_READ_SEARCH allows a process to override all DAC restrictions
	// limiting the read and search of files and
	// directories. This excludes DAC access covered by
	// cap.LINUX_IMMUTABLE.
	DAC_READ_SEARCH

	// FOWNER allows a process to perform operations on files, even
	// where the file owner ID would otherwise need to be equal to
	// the UID, except where cap.FSETID is applicable. It
	// doesn't override MAC and DAC restrictions.
	FOWNER

	// FSETID allows a process to set the S_ISUID and S_ISGID bits of
	// the file permissions, even when the process' effective
	// UID or GID/supplementary GIDs do not match that of the
	// file.
	FSETID

	// KILL allows a process to send a kill(2) signal to any other
	// process - overriding the limitation that there be a
	// [E]UID match between source and target process.
	KILL

	// SETGID allows a process to freely manipulate its own GIDs:
	//   - arbitrarily set the GID, EGID, REGID, RESGID values
	//   - arbitrarily set the supplementary GIDs
	//   - allows the forging of GID credentials passed over a
	//     socket
	SETGID

	// SETUID allows a process to freely manipulate its own UIDs:
	//   - arbitrarily set the UID, EUID, REUID and RESUID
	//     values
	//   - allows the forging of UID credentials passed over a
	//     socket
	SETUID

	// SETPCAP allows a process to freely manipulate its inheritable
	// capabilities. Linux supports the POSIX.1e Inheritable
	// set, as well as Bounding and Ambient Linux extension
	// vectors. This capability permits dropping bits from the
	// Bounding vector. It also permits the process to raise
	// Ambient vector bits that are both raised in the
	// Permitted and Inheritable sets of the process. This
	// capability cannot be used to raise Permitted bits, or
	// Effective bits beyond those already present in the
	// process' permitted set.
	//
	// [Historical note: prior to the advent of file
	// capabilities (2008), this capability was suppressed by
	// default, as its unsuppressed behavior was not
	// auditable: it could asynchronously grant its own
	// Permitted capabilities to and remove capabilities from
	// other processes arbitrarily. The former leads to
	// undefined behavior, and the latter is better served by
	// the kill system call.]
	SETPCAP

	// LINUX_IMMUTABLE allows a process to modify the S_IMMUTABLE and
	// S_APPEND file attributes.
	LINUX_IMMUTABLE

	// NET_BIND_SERVICE allows a process to bind to privileged ports:
	//   - TCP/UDP sockets below 1024
	//   - ATM VCIs below 32
	NET_BIND_SERVICE

	// NET_BROADCAST allows a process to broadcast to the network and to
	// listen to multicast.
	NET_BROADCAST

	// NET_ADMIN allows a process to perform network configuration
	// operations:
	//   - interface configuration
	//   - administration of IP firewall, masquerading and
	//     accounting
	//   - setting debug options on sockets
	//   - modification of routing tables
	//   - setting arbitrary process, and process group
	//     ownership on sockets
	//   - binding to any address for transparent proxying
	//     (this is also allowed via cap.NET_RAW)
	//   - setting TOS (Type of service)
	//   - setting promiscuous mode
	//   - clearing driver statistics
	//   - multicasting
	//   - read/write of device-specific registers
	//   - activation of ATM control sockets
	NET_ADMIN

	// NET_RAW allows a process to use raw networking:
	//   - RAW sockets
	//   - PACKET sockets
	//   - binding to any address for transparent proxying
	//     (also permitted via cap.NET_ADMIN)
	NET_RAW

	// IPC_LOCK allows a process to lock shared memory segments for IPC
	// purposes. Also enables mlock and mlockall system
	// calls.
	IPC_LOCK

	// IPC_OWNER allows a process to override IPC ownership checks.
	IPC_OWNER

	// SYS_MODULE allows a process to initiate the loading and unloading
	// of kernel modules. This capability can effectively
	// modify the kernel without limit.
	SYS_MODULE

	// SYS_RAWIO allows a process to perform raw IO:
	//   - permit ioperm/iopl access
	//   - permit sending USB messages to any device via
	//     /dev/bus/usb
	SYS_RAWIO

	// SYS_CHROOT allows a process to perform a chroot syscall to change
	// the effective root of the process' file system:
	// redirect directory "/" to some other location.
	SYS_CHROOT

	// SYS_PTRACE allows a process to perform a ptrace() of any other
	// process.
	SYS_PTRACE

	// SYS_PACCT allows a process to configure process accounting.
	SYS_PACCT

	// SYS_ADMIN allows a process to perform a somewhat arbitrary
	// grab-bag of privileged operations. Over time, this
	// capability should weaken as specific capabilities are
	// created for subsets of cap.SYS_ADMIN's functionality:
	//   - configuration of the secure attention key
	//   - administration of the random device
	//   - examination and configuration of disk quotas
	//   - setting the domainname
	//   - setting the hostname
	//   - calling bdflush()
	//   - mount() and umount(), setting up new SMB connection
	//   - some autofs root ioctls
	//   - nfsservctl
	//   - VM86_REQUEST_IRQ
	//   - to read/write pci config on alpha
	//   - irix_prctl on mips (setstacksize)
	//   - flushing all cache on m68k (sys_cacheflush)
	//   - removing semaphores
	//   - Used instead of cap.CHOWN to "chown" IPC message
	//     queues, semaphores and shared memory
	//   - locking/unlocking of shared memory segment
	//   - turning swap on/off
	//   - forged pids on socket credentials passing
	//   - setting readahead and flushing buffers on block
	//     devices
	//   - setting geometry in floppy driver
	//   - turning DMA on/off in xd driver
	//   - administration of md devices (mostly the above, but
	//     some extra ioctls)
	//   - tuning the ide driver
	//   - access to the nvram device
	//   - administration of apm_bios, serial and bttv (TV)
	//     device
	//   - manufacturer commands in isdn CAPI support driver
	//   - reading non-standardized portions of PCI
	//     configuration space
	//   - DDI debug ioctl on sbpcd driver
	//   - setting up serial ports
	//   - sending raw qic-117 commands
	//   - enabling/disabling tagged queuing on SCSI
	//     controllers and sending arbitrary SCSI commands
	//   - setting encryption key on loopback filesystem
	//   - setting zone reclaim policy
	SYS_ADMIN

	// SYS_BOOT allows a process to initiate a reboot of the system.
	SYS_BOOT

	// SYS_NICE allows a process to manipulate the execution priorities
	// of arbitrary processes:
	//   - those involving different UIDs
	//   - setting their CPU affinity
	//   - alter the FIFO vs. round-robin (realtime)
	//     scheduling for itself and other processes.
	SYS_NICE

	// SYS_RESOURCE allows a process to adjust resource related parameters
	// of processes and the system:
	//   - set and override resource limits
	//   - override quota limits
	//   - override the reserved space on ext2 filesystem
	//     (this can also be achieved via cap.FSETID)
	//   - modify the data journaling mode on ext3 filesystem,
	//     which uses journaling resources
	//   - override size restrictions on IPC message queues
	//   - configure more than 64Hz interrupts from the
	//     real-time clock
	//   - override the maximum number of consoles for console
	//     allocation
	//   - override the maximum number of keymaps
	SYS_RESOURCE

	// SYS_TIME allows a process to perform time manipulation of clocks:
	//   - alter the system clock
	//   - enable irix_stime on MIPS
	//   - set the real-time clock
	SYS_TIME

	// SYS_TTY_CONFIG allows a process to manipulate tty devices:
	//   - configure tty devices
	//   - perform vhangup() of a tty
	SYS_TTY_CONFIG

	// MKNOD allows a process to perform privileged operations with
	// the mknod() system call.
	MKNOD

	// LEASE allows a process to take leases on files.
	LEASE

	// AUDIT_WRITE allows a process to write to the audit log via a
	// unicast netlink socket.
	AUDIT_WRITE

	// AUDIT_CONTROL allows a process to configure audit logging via a
	// unicast netlink socket.
	AUDIT_CONTROL

	// SETFCAP allows a process to set capabilities on files.
	SETFCAP

	// MAC_OVERRIDE allows a process to override Mandatory Access Control
	// (MAC) access. Not all kernels are configured with a MAC
	// mechanism, but this is the capability reserved for
	// overriding them.
	MAC_OVERRIDE

	// MAC_ADMIN allows a process to configure the Mandatory Access
	// Control (MAC) policy. Not all kernels are configured
	// with a MAC enabled, but if they are this capability is
	// reserved for code to perform administration tasks.
	MAC_ADMIN

	// SYSLOG allows a process to configure the kernel's syslog
	// (printk) behavior.
	SYSLOG

	// WAKE_ALARM allows a process to trigger something that can wake the
	// system up.
	WAKE_ALARM

	// BLOCK_SUSPEND allows a process to block system suspends - prevent the
	// system from entering a lower power state.
	BLOCK_SUSPEND

	// AUDIT_READ allows a process to read the audit log via a multicast
	// netlink socket.
	AUDIT_READ

	// PERFMON allows a process to enable observability of privileged
	// operations related to performance. The mechanisms
	// include perf_events, i915_perf and other kernel
	// subsystems.
	PERFMON

	// BPF allows a process to manipulate aspects of the kernel
	// enhanced Berkeley Packet Filter (BPF) system. This is
	// an execution subsystem of the kernel, that manages BPF
	// programs. cap.BPF permits a process to:
	//   - create all types of BPF maps
	//   - advanced verifier features:
	//     - indirect variable access
	//     - bounded loops
	//     - BPF to BPF function calls
	//     - scalar precision tracking
	//     - larger complexity limits
	//     - dead code elimination
	//     - potentially other features
	//
	// Other capabilities can be used together with cap.BPF to
	// further manipulate the BPF system:
	//   - cap.PERFMON relaxes the verifier checks as follows:
	//     - BPF programs can use pointer-to-integer
	//       conversions
	//     - speculation attack hardening measures can be
	//       bypassed
	//     - bpf_probe_read to read arbitrary kernel memory is
	//       permitted
	//     - bpf_trace_printk to print the content of kernel
	//       memory
	//   - cap.SYS_ADMIN permits the following:
	//     - use of bpf_probe_write_user
	//     - iteration over the system-wide loaded programs,
	//       maps, links, BTFs and convert their IDs to file
	//       descriptors.
	//   - cap.PERFMON is required to load tracing programs.
	//   - cap.NET_ADMIN is required to load networking
	//     programs.
	BPF

	// CHECKPOINT_RESTORE allows a process to perform checkpoint
	// and restore operations. Also permits
	// explicit PID control via clone3() and
	// also writing to ns_last_pid.
	CHECKPOINT_RESTORE
)

// names maps each named capability Value to its text name: the
// lower-case form of the constant name prefixed with "cap_". Values
// at or above NamedCount have no entry in this map.
var names = map[Value]string{
	CHOWN:              "cap_chown",
	DAC_OVERRIDE:       "cap_dac_override",
	DAC_READ_SEARCH:    "cap_dac_read_search",
	FOWNER:             "cap_fowner",
	FSETID:             "cap_fsetid",
	KILL:               "cap_kill",
	SETGID:             "cap_setgid",
	SETUID:             "cap_setuid",
	SETPCAP:            "cap_setpcap",
	LINUX_IMMUTABLE:    "cap_linux_immutable",
	NET_BIND_SERVICE:   "cap_net_bind_service",
	NET_BROADCAST:      "cap_net_broadcast",
	NET_ADMIN:          "cap_net_admin",
	NET_RAW:            "cap_net_raw",
	IPC_LOCK:           "cap_ipc_lock",
	IPC_OWNER:          "cap_ipc_owner",
	SYS_MODULE:         "cap_sys_module",
	SYS_RAWIO:          "cap_sys_rawio",
	SYS_CHROOT:         "cap_sys_chroot",
	SYS_PTRACE:         "cap_sys_ptrace",
	SYS_PACCT:          "cap_sys_pacct",
	SYS_ADMIN:          "cap_sys_admin",
	SYS_BOOT:           "cap_sys_boot",
	SYS_NICE:           "cap_sys_nice",
	SYS_RESOURCE:       "cap_sys_resource",
	SYS_TIME:           "cap_sys_time",
	SYS_TTY_CONFIG:     "cap_sys_tty_config",
	MKNOD:              "cap_mknod",
	LEASE:              "cap_lease",
	AUDIT_WRITE:        "cap_audit_write",
	AUDIT_CONTROL:      "cap_audit_control",
	SETFCAP:            "cap_setfcap",
	MAC_OVERRIDE:       "cap_mac_override",
	MAC_ADMIN:          "cap_mac_admin",
	SYSLOG:             "cap_syslog",
	WAKE_ALARM:         "cap_wake_alarm",
	BLOCK_SUSPEND:      "cap_block_suspend",
	AUDIT_READ:         "cap_audit_read",
	PERFMON:            "cap_perfmon",
	BPF:                "cap_bpf",
	CHECKPOINT_RESTORE: "cap_checkpoint_restore",
}

// bits is the inverse of names: it maps each "cap_"-prefixed text
// name back to its Value. A Go map lookup is an exact string match,
// so only the lower-case spellings listed here resolve.
// NOTE(review): any case folding or trimming of externally supplied
// names would have to happen in the caller - confirm where this map
// is consulted.
var bits = map[string]Value{
	"cap_chown":              CHOWN,
	"cap_dac_override":       DAC_OVERRIDE,
	"cap_dac_read_search":    DAC_READ_SEARCH,
	"cap_fowner":             FOWNER,
	"cap_fsetid":             FSETID,
	"cap_kill":               KILL,
	"cap_setgid":             SETGID,
	"cap_setuid":             SETUID,
	"cap_setpcap":            SETPCAP,
	"cap_linux_immutable":    LINUX_IMMUTABLE,
	"cap_net_bind_service":   NET_BIND_SERVICE,
	"cap_net_broadcast":      NET_BROADCAST,
	"cap_net_admin":          NET_ADMIN,
	"cap_net_raw":            NET_RAW,
	"cap_ipc_lock":           IPC_LOCK,
	"cap_ipc_owner":          IPC_OWNER,
	"cap_sys_module":         SYS_MODULE,
	"cap_sys_rawio":          SYS_RAWIO,
	"cap_sys_chroot":         SYS_CHROOT,
	"cap_sys_ptrace":         SYS_PTRACE,
	"cap_sys_pacct":          SYS_PACCT,
	"cap_sys_admin":          SYS_ADMIN,
	"cap_sys_boot":           SYS_BOOT,
	"cap_sys_nice":           SYS_NICE,
	"cap_sys_resource":       SYS_RESOURCE,
	"cap_sys_time":           SYS_TIME,
	"cap_sys_tty_config":     SYS_TTY_CONFIG,
	"cap_mknod":              MKNOD,
	"cap_lease":              LEASE,
	"cap_audit_write":        AUDIT_WRITE,
	"cap_audit_control":      AUDIT_CONTROL,
	"cap_setfcap":            SETFCAP,
	"cap_mac_override":       MAC_OVERRIDE,
	"cap_mac_admin":          MAC_ADMIN,
	"cap_syslog":             SYSLOG,
	"cap_wake_alarm":         WAKE_ALARM,
	"cap_block_suspend":      BLOCK_SUSPEND,
	"cap_audit_read":         AUDIT_READ,
	"cap_perfmon":            PERFMON,
	"cap_bpf":                BPF,
	"cap_checkpoint_restore": CHECKPOINT_RESTORE,
}