本文整理汇总了C++中cap_free函数的典型用法代码示例。如果您正苦于以下问题:C++ cap_free函数的具体用法?C++ cap_free怎么用?C++ cap_free使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了cap_free函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的C++代码示例。
示例1: bug
/* n.b. yes I know I should be using libcap!! */
int retval;
struct __user_cap_header_struct cap_head;
struct __user_cap_data_struct cap_data;
__u32 cap_mask = 0;
if (!caps)
{
bug("asked to adopt no capabilities");
}
vsf_sysutil_memclr(&cap_head, sizeof(cap_head));
vsf_sysutil_memclr(&cap_data, sizeof(cap_data));
cap_head.version = _LINUX_CAPABILITY_VERSION;
cap_head.pid = 0;
if (caps & kCapabilityCAP_CHOWN)
{
cap_mask |= (1 << CAP_CHOWN);
}
if (caps & kCapabilityCAP_NET_BIND_SERVICE)
{
cap_mask |= (1 << CAP_NET_BIND_SERVICE);
}
cap_data.effective = cap_data.permitted = cap_mask;
cap_data.inheritable = 0;
retval = capset(&cap_head, &cap_data);
if (retval != 0)
{
die("capset");
}
}
#else /* VSF_SYSDEP_HAVE_LIBCAP */
static int
do_checkcap(void)
{
cap_t current_caps = cap_get_proc();
cap_free(current_caps);
if (current_caps != NULL)
{
return 1;
}
return 0;
}
开发者ID:arrrbiter,项目名称:flowftpd,代码行数:42,代码来源:sysdeputil.c
示例2: am_privileged
static int am_privileged(void)
{
int am_privileged = 1;
cap_t cap = cap_get_proc();
if (eff_caps_empty(cap))
am_privileged = 0;
cap_free(cap);
return am_privileged;
}
开发者ID:XyyStudyHard,项目名称:ltp,代码行数:11,代码来源:check_keepcaps.c
示例3: nsm_clear_capabilities
static _Bool
nsm_clear_capabilities(void)
{
cap_t caps;
caps = cap_from_text("cap_net_bind_service=ep");
if (caps == NULL) {
xlog(L_ERROR, "Failed to allocate capability: %m");
return false;
}
if (cap_set_proc(caps) == -1) {
xlog(L_ERROR, "Failed to set capability flags: %m");
(void)cap_free(caps);
return false;
}
(void)cap_free(caps);
return true;
}
开发者ID:Distrotech,项目名称:nfs-utils,代码行数:20,代码来源:file.c
示例4: cpucaps_project_remove
/*
* The project is going away so disable its cap.
*/
void
cpucaps_project_remove(kproject_t *kpj)
{
mutex_enter(&caps_lock);
if (PROJECT_IS_CAPPED(kpj))
cap_project_disable(kpj);
if (kpj->kpj_cpucap != NULL) {
cap_free(kpj->kpj_cpucap);
kpj->kpj_cpucap = NULL;
}
mutex_exit(&caps_lock);
}
开发者ID:maosi66,项目名称:illumos-joyent,代码行数:15,代码来源:cpucaps.c
示例5: ruid_child_init
/* run after child init we are uid User and gid Group */
static void ruid_child_init (apr_pool_t *p, server_rec *s)
{
UNUSED(s);
int ncap;
cap_t cap;
cap_value_t capval[4];
/* detect default supplementary group IDs */
if ((startup_groupsnr = getgroups(RUID_MAXGROUPS, startup_groups)) == -1) {
startup_groupsnr = 0;
ap_log_error (APLOG_MARK, APLOG_ERR, 0, NULL, "%s ERROR getgroups() failed on child init, ignoring supplementary group IDs", MODULE_NAME);
}
/* setup chroot jailbreak */
if (chroot_used == RUID_CHROOT_USED && cap_mode == RUID_CAP_MODE_KEEP) {
if ((root_handle = open("/.", O_RDONLY)) < 0) {
root_handle = UNSET;
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, "%s CRITICAL ERROR opening root file descriptor failed (%s)", MODULE_NAME, strerror(errno));
} else if (fcntl(root_handle, F_SETFD, FD_CLOEXEC) < 0) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, "%s CRITICAL ERROR unable to set close-on-exec flag on root file descriptor (%s)", MODULE_NAME, strerror(errno));
if (close(root_handle) < 0)
ap_log_error (APLOG_MARK, APLOG_ERR, 0, NULL, "%s CRITICAL ERROR closing root file descriptor (%d) failed", MODULE_NAME, root_handle);
root_handle = UNSET;
} else {
/* register cleanup function */
apr_pool_cleanup_register(p, (void*)((long)root_handle), ruid_child_exit, apr_pool_cleanup_null);
}
} else {
root_handle = (chroot_used == RUID_CHROOT_USED ? NONE : UNSET);
}
/* init cap with all zeros */
cap = cap_init();
capval[0] = CAP_SETUID;
capval[1] = CAP_SETGID;
ncap = 2;
if (mode_stat_used == RUID_MODE_STAT_USED) {
capval[ncap++] = CAP_DAC_READ_SEARCH;
}
if (root_handle != UNSET) {
capval[ncap++] = CAP_SYS_CHROOT;
}
cap_set_flag(cap, CAP_PERMITTED, ncap, capval, CAP_SET);
if (cap_set_proc(cap) != 0) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, "%s CRITICAL ERROR %s:cap_set_proc failed", MODULE_NAME, __func__);
}
cap_free(cap);
/* check if process is dumpable */
coredump = prctl(PR_GET_DUMPABLE);
}
开发者ID:bjacquin,项目名称:mod-ruid2,代码行数:54,代码来源:mod_ruid2.c
示例6: main
int main()
{
#ifdef HAVE_LIBCAP
cap_t caps, caps2;
int ret;
caps = cap_from_text("cap_setpcap+ep");
caps2 = cap_from_text("cap_setpcap+ep");
ret = cap_set_proc(caps);
ret = cap_compare(caps, caps2);
printf("Caps were %sthe same\n", ret ? "not " : "");
cap_free(caps);
cap_free(caps2);
return ret;
#else
printf("System doesn't support full POSIX capabilities.\n");
return 1;
#endif
}
开发者ID:Altiscale,项目名称:sig-core-t_ltp,代码行数:21,代码来源:c.c
示例7: have_capabilities
static int have_capabilities(void) {
#ifdef HAVE_CAP_GET_PROC
cap_t caps = cap_get_proc();
if (caps) {
cap_flag_value_t value_p;
cap_get_flag(caps, CAP_SYS_CHROOT, CAP_EFFECTIVE,&value_p);
cap_free(caps);
return (value_p);
}
#endif /*HAVE_CAP_GET_PROC*/
return 0;
}
开发者ID:bencrox,项目名称:usavish,代码行数:12,代码来源:jk_chrootsh.c
示例8: pycap_set_proc
static PyObject *
pycap_set_proc(PyObject *self, PyObject *args) {
char *cap_str;
cap_t cap;
if (!PyArg_ParseTuple(args, "s", &cap_str)) {
return NULL;
}
if ((cap = cap_from_text(cap_str)) == NULL) {
PyErr_SetFromErrno(PyExc_OSError);
return NULL;
}
if (cap_set_proc(cap)) {
PyErr_SetFromErrno(PyExc_OSError);
cap_free(cap);
return NULL;
}
cap_free(cap);
Py_RETURN_NONE;
}
开发者ID:pombreda,项目名称:rmake,代码行数:22,代码来源:pycap.c
示例9: do_cap_get_file
char *
do_cap_get_file (const char *path)
{
cap_t cap;
char *r, *ret;
CHROOT_IN;
cap = cap_get_file (path);
CHROOT_OUT;
if (cap == NULL) {
reply_with_perror ("%s", path);
return NULL;
}
r = cap_to_text (cap, NULL);
if (r == NULL) {
reply_with_perror ("cap_to_text");
cap_free (cap);
return NULL;
}
cap_free (cap);
/* 'r' is not an ordinary pointer that can be freed with free(3)!
* In the current implementation of libcap, if you try to do that it
* will segfault. We have to duplicate this into an ordinary
* buffer, then call cap_free (r).
*/
ret = strdup (r);
if (ret == NULL) {
reply_with_perror ("strdup");
cap_free (r);
return NULL;
}
cap_free (r);
return ret; /* caller frees */
}
开发者ID:ArikaChen,项目名称:libguestfs,代码行数:39,代码来源:cap.c
示例10: set_caps_from_text
int set_caps_from_text(char *capstr)
{
cap_t caps = cap_from_text(capstr);
int ret;
if (!caps) {
tst_resm(TFAIL, "Bad capability name: %s\n", capstr);
return 1;
}
ret = cap_set_proc(caps);
cap_free(caps);
return ret;
}
开发者ID:heluxie,项目名称:LTP,代码行数:13,代码来源:inh_capped.c
示例11: do_cap_set
static int do_cap_set(cap_value_t *cap_value, int size, int reset)
{
cap_t caps;
if (reset) {
/*
* Start with an empty set and set permitted and effective
*/
caps = cap_init();
if (caps == NULL) {
do_perror("cap_init");
return -1;
}
if (cap_set_flag(caps, CAP_PERMITTED, size, cap_value, CAP_SET) < 0) {
do_perror("cap_set_flag");
goto error;
}
} else {
caps = cap_get_proc();
if (!caps) {
do_perror("cap_get_proc");
return -1;
}
}
if (cap_set_flag(caps, CAP_EFFECTIVE, size, cap_value, CAP_SET) < 0) {
do_perror("cap_set_flag");
goto error;
}
if (cap_set_proc(caps) < 0) {
do_perror("cap_set_proc");
goto error;
}
cap_free(caps);
return 0;
error:
cap_free(caps);
return -1;
}
开发者ID:CRYP706URU,项目名称:pyrebox,代码行数:38,代码来源:virtfs-proxy-helper.c
示例12: fsmSetFCaps
static int fsmSetFCaps(const char *path, const char *captxt)
{
int rc = 0;
#if WITH_CAP
if (captxt && *captxt != '\0') {
cap_t fcaps = cap_from_text(captxt);
if (fcaps == NULL || cap_set_file(path, fcaps) != 0) {
rc = RPMERR_SETCAP_FAILED;
}
cap_free(fcaps);
}
#endif
return rc;
}
开发者ID:nforro,项目名称:rpm,代码行数:14,代码来源:fsm.c
示例13: _clrcap
static void
_clrcap (char *s, cap_value_t capflag)
{
cap_t cap;
if (!(cap = cap_get_proc ()))
err_exit ("%s: cap_get_proc", s);
if (cap_set_flag (cap, CAP_EFFECTIVE, 1, &capflag, CAP_CLEAR) < 0)
err_exit ("%s: cap_set_flag", s);
if (cap_set_proc (cap) < 0)
err_exit ("%s: cap_set_proc", s);
if (cap_free (cap) < 0)
err_exit ("%s: cap_free", s);
}
开发者ID:EuroCorp,项目名称:diod,代码行数:14,代码来源:tcap.c
示例14: _prtcap
static void
_prtcap (char *s, cap_value_t capflag)
{
cap_t cap;
cap_flag_value_t val;
if (!(cap = cap_get_proc ()))
err_exit ("%s: cap_get_proc", s);
if (cap_get_flag (cap, capflag, CAP_EFFECTIVE, &val) < 0)
err_exit ("%s: cap_get_flag", s);
if (cap_free (cap) < 0)
err_exit ("%s: cap_free", s);
msg ("%s: cap is %s", s, val == CAP_SET ? "set" : "clear");
}
开发者ID:EuroCorp,项目名称:diod,代码行数:14,代码来源:tcap.c
示例15: lxc_caps_up
int lxc_caps_up(void)
{
cap_t caps;
cap_value_t cap;
int ret;
/* when we are run as root, we don't want to play
* with the capabilities */
if (!getuid())
return 0;
caps = cap_get_proc();
if (!caps) {
ERROR("failed to cap_get_proc: %m");
return -1;
}
//设置程序能力
for (cap = 0; cap <= CAP_LAST_CAP; cap++) {
cap_flag_value_t flag;
ret = cap_get_flag(caps, cap, CAP_PERMITTED, &flag);
if (ret) {
if (errno == EINVAL) {
INFO("Last supported cap was %d\n", cap-1);
break;
} else {
ERROR("failed to cap_get_flag: %m");
goto out;
}
}
ret = cap_set_flag(caps, CAP_EFFECTIVE, 1, &cap, flag);
if (ret) {
ERROR("failed to cap_set_flag: %m");
goto out;
}
}
ret = cap_set_proc(caps);
if (ret) {
ERROR("failed to cap_set_proc: %m");
goto out;
}
out:
cap_free(caps);
return 0;
}
开发者ID:duanbing,项目名称:lxc-0.9.0-comment,代码行数:50,代码来源:caps.c
示例16: cap_project_zone_modify_walker
/*
* The function is called for each project in a zone when the zone cap is
* modified. It enables project caps if zone cap is enabled and disables if the
* zone cap is disabled and project doesn't have its own cap.
*
* For each project that does not have cpucap structure allocated it allocates a
* new structure and assigns to kpj->cpu_cap. The allocation is performed
* without holding caps_lock to avoid using KM_SLEEP allocation with caps_lock
* held.
*/
static int
cap_project_zone_modify_walker(kproject_t *kpj, void *arg)
{
cpucap_t *project_cap = NULL;
cpucap_t *zone_cap = (cpucap_t *)arg;
ASSERT(zone_cap != NULL);
if (kpj->kpj_cpucap == NULL) {
/*
* This is the first time any cap was established for this
* project. Allocate a new cpucap structure for it.
*/
project_cap = cap_alloc();
}
mutex_enter(&caps_lock);
/*
* Double-check that kpj_cpucap is still NULL - now with caps_lock held
* and assign the newly allocated cpucap structure to it.
*/
if (kpj->kpj_cpucap == NULL) {
kpj->kpj_cpucap = project_cap;
} else if (project_cap != NULL) {
cap_free(project_cap);
}
project_cap = kpj->kpj_cpucap;
if (CAP_DISABLED(zone_cap)) {
/*
* Remove all projects in this zone without caps
* from the capped_projects list.
*/
if (project_cap->cap_chk_value == MAX_USAGE) {
cap_project_disable(kpj);
}
} else if (CAP_DISABLED(project_cap)) {
/*
* Add the project to capped_projects list.
*/
ASSERT(project_cap->cap_chk_value == 0);
cap_project_enable(kpj, MAX_USAGE);
}
mutex_exit(&caps_lock);
return (0);
}
开发者ID:maosi66,项目名称:illumos-joyent,代码行数:59,代码来源:cpucaps.c
示例17: modifyCap
static int
modifyCap(int capability, int setting)
{
cap_t caps;
cap_value_t capList[1];
/* Retrieve caller's current capabilities */
caps = cap_get_proc();
if (caps == NULL)
return 1;
/* Change setting of 'capability' in the effective set of 'caps'. The
third argument, 1, is the number of items in the array 'capList'. */
capList[0] = capability;
if (cap_set_flag(caps, CAP_EFFECTIVE, 1, capList, setting) == -1) {
cap_free(caps);
return 2;
}
/* Push modified capability sets back to kernel, to change
caller's capabilities */
if (cap_set_proc(caps) == -1) {
cap_free(caps);
return 3;
}
/* Free the structure that was allocated by libcap */
if (cap_free(caps) == -1)
return 4;
return 0;
}
开发者ID:tcharding,项目名称:self_learning,代码行数:36,代码来源:sched_set.c
示例18: install_real_capabilities
void
install_real_capabilities (cap_t new_caps)
{
/* If we have no capabilities there is nothing to do here. */
if (new_caps == NULL)
return;
if (cap_set_proc (new_caps))
{
cap_free (new_caps);
dbg_log (_("Failed to drop capabilities"));
error (EXIT_FAILURE, 0, _("cap_set_proc failed"));
/* NOTREACHED */
}
cap_free (new_caps);
if (prctl (PR_SET_KEEPCAPS, 0) == -1)
{
dbg_log (_("Failed to unset keep-capabilities"));
error (EXIT_FAILURE, errno, _("prctl(KEEPCAPS) failed"));
/* NOTREACHED */
}
}
开发者ID:davidlt,项目名称:glibc-2.12-slc6,代码行数:24,代码来源:selinux.c
示例19: test_set_ambient_caps
static void test_set_ambient_caps(void) {
cap_t caps;
uint64_t set = 0;
cap_flag_value_t fv;
caps = cap_get_proc();
assert_se(caps);
assert_se(!cap_get_flag(caps, CAP_CHOWN, CAP_INHERITABLE, &fv));
assert(fv == CAP_CLEAR);
cap_free(caps);
assert_se(prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_CHOWN, 0, 0) == 0);
set = (UINT64_C(1) << CAP_CHOWN);
assert_se(!capability_ambient_set_apply(set, true));
caps = cap_get_proc();
assert_se(!cap_get_flag(caps, CAP_CHOWN, CAP_INHERITABLE, &fv));
assert(fv == CAP_SET);
cap_free(caps);
assert_se(prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_CHOWN, 0, 0) == 1);
}
开发者ID:msekletar,项目名称:systemd-rhel,代码行数:24,代码来源:test-capability.c
示例20: ensure_capsyschroot
/* ensure this process has CAP_SYS_CHROOT capability. */
void ensure_capsyschroot(const char *executable) {
cap_t caps = cap_get_proc(); // all current capabilities.
cap_flag_value_t chroot_permitted, chroot_effective;
if (!caps)
perror("cap_get_proc");
/* effective and permitted flags should be set for CAP_SYS_CHROOT. */
cap_get_flag(caps, CAP_SYS_CHROOT, CAP_PERMITTED, &chroot_permitted);
cap_get_flag(caps, CAP_SYS_CHROOT, CAP_EFFECTIVE, &chroot_effective);
if (chroot_permitted != CAP_SET || chroot_effective != CAP_SET) {
fprintf(stderr, "Error: chroot: No CAP_SYS_CHROOT capability.\n");
exit(1);
}
cap_free(caps);
}
开发者ID:ahorn,项目名称:klee,代码行数:16,代码来源:klee-replay.c
注:本文中的cap_free函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论