package cap

/* ** DO NOT EDIT THIS FILE. IT WAS AUTO-GENERATED BY LIBCAP'S GO BUILDER (mknames.go) ** */

// NOTE(review): since this file is generated, comment fixes made here
// presumably also need to be made in the generator's input, or they
// will be lost on regeneration - confirm against mknames.go.

// NamedCount holds the number of capability values with official
// names known at the time this libcap/cap version was released. The
// "../libcap/cap" package is fully able to manipulate higher numbered
// capability values by numerical value. However, if you find
// cap.NamedCount < cap.MaxBits(), it is probably time to upgrade this
// package on your system.
//
// FWIW the userspace tool '/sbin/capsh' also contains a runtime check
// for the condition that libcap is behind the running kernel in this
// way.
//
// The value 41 matches the number of constants declared below
// (CHOWN = 0 through CHECKPOINT_RESTORE = 40) and the number of
// entries in each of the names and bits maps.
const NamedCount = 41

// CHOWN etc., are the named capability values of the Linux
// kernel. The canonical source for each name is the
// "uapi/linux/capability.h" file. Some values may not be available
// (yet) where the kernel is older. The actual number of capabilities
// supported by the running kernel can be obtained using the
// cap.MaxBits() function.
//
// The numeric values are assigned by iota in declaration order, so
// the order of the constants below is significant: reordering or
// inserting a name changes the number of every name after it.
const (
	// CHOWN allows a process to arbitrarily change the user and
	// group ownership of a file.
	CHOWN Value = iota

	// DAC_OVERRIDE allows a process to override all Discretionary
	// Access Control (DAC) access, including ACL execute
	// access. That is, read, write or execute files that the
	// process would otherwise not have access to. This
	// excludes DAC access covered by cap.LINUX_IMMUTABLE.
	DAC_OVERRIDE

	// DAC_READ_SEARCH allows a process to override all DAC restrictions
	// limiting the read and search of files and
	// directories. This excludes DAC access covered by
	// cap.LINUX_IMMUTABLE.
	DAC_READ_SEARCH

	// FOWNER allows a process to perform operations on files, even
	// where the file owner ID would otherwise need to be equal to
	// the UID, except where cap.FSETID is applicable. It
	// doesn't override MAC and DAC restrictions.
	FOWNER

	// FSETID allows a process to set the S_ISUID and S_ISGID bits of
	// the file permissions, even when the process' effective
	// UID or GID/supplementary GIDs do not match that of the
	// file.
	FSETID

	// KILL allows a process to send a kill(2) signal to any other
	// process - overriding the limitation that there be a
	// [E]UID match between source and target process.
	KILL

	// SETGID allows a process to freely manipulate its own GIDs:
	//   - arbitrarily set the GID, EGID, REGID, RESGID values
	//   - arbitrarily set the supplementary GIDs
	//   - allows the forging of GID credentials passed over a
	//     socket
	SETGID

	// SETUID allows a process to freely manipulate its own UIDs:
	//   - arbitrarily set the UID, EUID, REUID and RESUID
	//     values
	//   - allows the forging of UID credentials passed over a
	//     socket
	SETUID

	// SETPCAP allows a process to freely manipulate its inheritable
	// capabilities. Linux supports the POSIX.1e Inheritable
	// set, as well as Bounding and Ambient Linux extension
	// vectors. This capability permits dropping bits from the
	// Bounding vector. It also permits the process to raise
	// Ambient vector bits that are both raised in the
	// Permitted and Inheritable sets of the process. This
	// capability cannot be used to raise Permitted bits, or
	// Effective bits beyond those already present in the
	// process' permitted set.
	//
	// [Historical note: prior to the advent of file
	// capabilities (2008), this capability was suppressed by
	// default, as its unsuppressed behavior was not
	// auditable: it could asynchronously grant its own
	// Permitted capabilities to and remove capabilities from
	// other processes arbitrarily. The former leads to
	// undefined behavior, and the latter is better served by
	// the kill system call.]
	SETPCAP

	// LINUX_IMMUTABLE allows a process to modify the S_IMMUTABLE and
	// S_APPEND file attributes.
	LINUX_IMMUTABLE

	// NET_BIND_SERVICE allows a process to bind to privileged ports:
	//   - TCP/UDP sockets below 1024
	//   - ATM VCIs below 32
	NET_BIND_SERVICE

	// NET_BROADCAST allows a process to broadcast to the network and to
	// listen to multicast.
	NET_BROADCAST

	// NET_ADMIN allows a process to perform network configuration
	// operations:
	//   - interface configuration
	//   - administration of IP firewall, masquerading and
	//     accounting
	//   - setting debug options on sockets
	//   - modification of routing tables
	//   - setting arbitrary process, and process group
	//     ownership on sockets
	//   - binding to any address for transparent proxying
	//     (this is also allowed via cap.NET_RAW)
	//   - setting TOS (Type of service)
	//   - setting promiscuous mode
	//   - clearing driver statistics
	//   - multicasting
	//   - read/write of device-specific registers
	//   - activation of ATM control sockets
	NET_ADMIN

	// NET_RAW allows a process to use raw networking:
	//   - RAW sockets
	//   - PACKET sockets
	//   - binding to any address for transparent proxying
	//     (also permitted via cap.NET_ADMIN)
	NET_RAW

	// IPC_LOCK allows a process to lock shared memory segments for IPC
	// purposes. Also enables mlock and mlockall system
	// calls.
	IPC_LOCK

	// IPC_OWNER allows a process to override IPC ownership checks.
	IPC_OWNER

	// SYS_MODULE allows a process to initiate the loading and unloading
	// of kernel modules. This capability can effectively
	// modify the kernel without limit.
	SYS_MODULE

	// SYS_RAWIO allows a process to perform raw IO:
	//   - permit ioperm/iopl access
	//   - permit sending USB messages to any device via
	//     /dev/bus/usb
	SYS_RAWIO

	// SYS_CHROOT allows a process to perform a chroot syscall to change
	// the effective root of the process' file system:
	// redirect directory "/" to some other location.
	SYS_CHROOT

	// SYS_PTRACE allows a process to perform a ptrace() of any other
	// process.
	SYS_PTRACE

	// SYS_PACCT allows a process to configure process accounting.
	SYS_PACCT

	// SYS_ADMIN allows a process to perform a somewhat arbitrary
	// grab-bag of privileged operations. Over time, this
	// capability should weaken as specific capabilities are
	// created for subsets of cap.SYS_ADMIN's functionality.
	// Because the list below spans mounts, devices, IPC and
	// credential passing, a grant of this capability is broad;
	// where a narrower capability covers the need, it is the
	// smaller grant.
	//   - configuration of the secure attention key
	//   - administration of the random device
	//   - examination and configuration of disk quotas
	//   - setting the domainname
	//   - setting the hostname
	//   - calling bdflush()
	//   - mount() and umount(), setting up new SMB connection
	//   - some autofs root ioctls
	//   - nfsservctl
	//   - VM86_REQUEST_IRQ
	//   - to read/write pci config on alpha
	//   - irix_prctl on mips (setstacksize)
	//   - flushing all cache on m68k (sys_cacheflush)
	//   - removing semaphores
	//   - Used instead of cap.CHOWN to "chown" IPC message
	//     queues, semaphores and shared memory
	//   - locking/unlocking of shared memory segment
	//   - turning swap on/off
	//   - forged pids on socket credentials passing
	//   - setting readahead and flushing buffers on block
	//     devices
	//   - setting geometry in floppy driver
	//   - turning DMA on/off in xd driver
	//   - administration of md devices (mostly the above, but
	//     some extra ioctls)
	//   - tuning the ide driver
	//   - access to the nvram device
	//   - administration of apm_bios, serial and bttv (TV)
	//     device
	//   - manufacturer commands in isdn CAPI support driver
	//   - reading non-standardized portions of PCI
	//     configuration space
	//   - DDI debug ioctl on sbpcd driver
	//   - setting up serial ports
	//   - sending raw qic-117 commands
	//   - enabling/disabling tagged queuing on SCSI
	//     controllers and sending arbitrary SCSI commands
	//   - setting encryption key on loopback filesystem
	//   - setting zone reclaim policy
	SYS_ADMIN

	// SYS_BOOT allows a process to initiate a reboot of the system.
	SYS_BOOT

	// SYS_NICE allows a process to manipulate the execution priorities
	// of arbitrary processes:
	//   - those involving different UIDs
	//   - setting their CPU affinity
	//   - alter the FIFO vs. round-robin (realtime)
	//     scheduling for itself and other processes.
	SYS_NICE

	// SYS_RESOURCE allows a process to adjust resource related parameters
	// of processes and the system:
	//   - set and override resource limits
	//   - override quota limits
	//   - override the reserved space on ext2 filesystem
	//     (this can also be achieved via cap.FSETID)
	//   - modify the data journaling mode on ext3 filesystem,
	//     which uses journaling resources
	//   - override size restrictions on IPC message queues
	//   - configure more than 64Hz interrupts from the
	//     real-time clock
	//   - override the maximum number of consoles for console
	//     allocation
	//   - override the maximum number of keymaps
	SYS_RESOURCE

	// SYS_TIME allows a process to perform time manipulation of clocks:
	//   - alter the system clock
	//   - enable irix_stime on MIPS
	//   - set the real-time clock
	SYS_TIME

	// SYS_TTY_CONFIG allows a process to manipulate tty devices:
	//   - configure tty devices
	//   - perform vhangup() of a tty
	SYS_TTY_CONFIG

	// MKNOD allows a process to perform privileged operations with
	// the mknod() system call.
	MKNOD

	// LEASE allows a process to take leases on files.
	LEASE

	// AUDIT_WRITE allows a process to write to the audit log via a
	// unicast netlink socket.
	AUDIT_WRITE

	// AUDIT_CONTROL allows a process to configure audit logging via a
	// unicast netlink socket.
	AUDIT_CONTROL

	// SETFCAP allows a process to set capabilities on files.
	// Permits a process to uid_map the uid=0 of the
	// parent user namespace into that of the child
	// namespace. Also, permits a process to override
	// securebits locks through user namespace
	// creation.
	SETFCAP

	// MAC_OVERRIDE allows a process to override Mandatory Access Control
	// (MAC) access. Not all kernels are configured with a MAC
	// mechanism, but this is the capability reserved for
	// overriding them.
	MAC_OVERRIDE

	// MAC_ADMIN allows a process to configure the Mandatory Access
	// Control (MAC) policy. Not all kernels are configured
	// with a MAC mechanism enabled, but if they are, this
	// capability is reserved for code to perform
	// administration tasks.
	MAC_ADMIN

	// SYSLOG allows a process to configure the kernel's syslog
	// (printk) behavior.
	SYSLOG

	// WAKE_ALARM allows a process to trigger something that can wake the
	// system up.
	WAKE_ALARM

	// BLOCK_SUSPEND allows a process to block system suspends - prevent the
	// system from entering a lower power state.
	BLOCK_SUSPEND

	// AUDIT_READ allows a process to read the audit log via a multicast
	// netlink socket.
	AUDIT_READ

	// PERFMON allows a process to enable observability of privileged
	// operations related to performance. The mechanisms
	// include perf_events, i915_perf and other kernel
	// subsystems.
	PERFMON

	// BPF allows a process to manipulate aspects of the kernel
	// enhanced Berkeley Packet Filter (BPF) system. This is
	// an execution subsystem of the kernel, that manages BPF
	// programs. cap.BPF permits a process to:
	//   - create all types of BPF maps
	//   - advanced verifier features:
	//     - indirect variable access
	//     - bounded loops
	//     - BPF to BPF function calls
	//     - scalar precision tracking
	//     - larger complexity limits
	//     - dead code elimination
	//     - potentially other features
	//
	// Other capabilities can be used together with cap.BPF to
	// further manipulate the BPF system:
	//   - cap.PERFMON relaxes the verifier checks as follows:
	//     - BPF programs can use pointer-to-integer
	//       conversions
	//     - speculation attack hardening measures can be
	//       bypassed
	//     - bpf_probe_read to read arbitrary kernel memory is
	//       permitted
	//     - bpf_trace_printk to print the content of kernel
	//       memory
	//   - cap.SYS_ADMIN permits the following:
	//     - use of bpf_probe_write_user
	//     - iteration over the system-wide loaded programs,
	//       maps, links, BTFs and convert their IDs to file
	//       descriptors.
	//   - cap.PERFMON is required to load tracing programs.
	//   - cap.NET_ADMIN is required to load networking
	//     programs.
	BPF

	// CHECKPOINT_RESTORE allows a process to perform checkpoint
	// and restore operations. Also permits
	// explicit PID control via clone3() and
	// also writing to ns_last_pid.
	CHECKPOINT_RESTORE
)

// names maps each named capability Value to its lower-case text form
// ("cap_" followed by the constant's name in lower case). It has one
// entry per constant declared above and is the inverse of bits.
var names = map[Value]string{
	CHOWN:              "cap_chown",
	DAC_OVERRIDE:       "cap_dac_override",
	DAC_READ_SEARCH:    "cap_dac_read_search",
	FOWNER:             "cap_fowner",
	FSETID:             "cap_fsetid",
	KILL:               "cap_kill",
	SETGID:             "cap_setgid",
	SETUID:             "cap_setuid",
	SETPCAP:            "cap_setpcap",
	LINUX_IMMUTABLE:    "cap_linux_immutable",
	NET_BIND_SERVICE:   "cap_net_bind_service",
	NET_BROADCAST:      "cap_net_broadcast",
	NET_ADMIN:          "cap_net_admin",
	NET_RAW:            "cap_net_raw",
	IPC_LOCK:           "cap_ipc_lock",
	IPC_OWNER:          "cap_ipc_owner",
	SYS_MODULE:         "cap_sys_module",
	SYS_RAWIO:          "cap_sys_rawio",
	SYS_CHROOT:         "cap_sys_chroot",
	SYS_PTRACE:         "cap_sys_ptrace",
	SYS_PACCT:          "cap_sys_pacct",
	SYS_ADMIN:          "cap_sys_admin",
	SYS_BOOT:           "cap_sys_boot",
	SYS_NICE:           "cap_sys_nice",
	SYS_RESOURCE:       "cap_sys_resource",
	SYS_TIME:           "cap_sys_time",
	SYS_TTY_CONFIG:     "cap_sys_tty_config",
	MKNOD:              "cap_mknod",
	LEASE:              "cap_lease",
	AUDIT_WRITE:        "cap_audit_write",
	AUDIT_CONTROL:      "cap_audit_control",
	SETFCAP:            "cap_setfcap",
	MAC_OVERRIDE:       "cap_mac_override",
	MAC_ADMIN:          "cap_mac_admin",
	SYSLOG:             "cap_syslog",
	WAKE_ALARM:         "cap_wake_alarm",
	BLOCK_SUSPEND:      "cap_block_suspend",
	AUDIT_READ:         "cap_audit_read",
	PERFMON:            "cap_perfmon",
	BPF:                "cap_bpf",
	CHECKPOINT_RESTORE: "cap_checkpoint_restore",
}

// bits maps the lower-case text form of each named capability back to
// its Value; it holds the same pairs as names with key and value
// swapped. Keys are lower case only, so a lookup with any other
// spelling finds nothing in this map.
var bits = map[string]Value{
	"cap_chown":              CHOWN,
	"cap_dac_override":       DAC_OVERRIDE,
	"cap_dac_read_search":    DAC_READ_SEARCH,
	"cap_fowner":             FOWNER,
	"cap_fsetid":             FSETID,
	"cap_kill":               KILL,
	"cap_setgid":             SETGID,
	"cap_setuid":             SETUID,
	"cap_setpcap":            SETPCAP,
	"cap_linux_immutable":    LINUX_IMMUTABLE,
	"cap_net_bind_service":   NET_BIND_SERVICE,
	"cap_net_broadcast":      NET_BROADCAST,
	"cap_net_admin":          NET_ADMIN,
	"cap_net_raw":            NET_RAW,
	"cap_ipc_lock":           IPC_LOCK,
	"cap_ipc_owner":          IPC_OWNER,
	"cap_sys_module":         SYS_MODULE,
	"cap_sys_rawio":          SYS_RAWIO,
	"cap_sys_chroot":         SYS_CHROOT,
	"cap_sys_ptrace":         SYS_PTRACE,
	"cap_sys_pacct":          SYS_PACCT,
	"cap_sys_admin":          SYS_ADMIN,
	"cap_sys_boot":           SYS_BOOT,
	"cap_sys_nice":           SYS_NICE,
	"cap_sys_resource":       SYS_RESOURCE,
	"cap_sys_time":           SYS_TIME,
	"cap_sys_tty_config":     SYS_TTY_CONFIG,
	"cap_mknod":              MKNOD,
	"cap_lease":              LEASE,
	"cap_audit_write":        AUDIT_WRITE,
	"cap_audit_control":      AUDIT_CONTROL,
	"cap_setfcap":            SETFCAP,
	"cap_mac_override":       MAC_OVERRIDE,
	"cap_mac_admin":          MAC_ADMIN,
	"cap_syslog":             SYSLOG,
	"cap_wake_alarm":         WAKE_ALARM,
	"cap_block_suspend":      BLOCK_SUSPEND,
	"cap_audit_read":         AUDIT_READ,
	"cap_perfmon":            PERFMON,
	"cap_bpf":                BPF,
	"cap_checkpoint_restore": CHECKPOINT_RESTORE,
}