Other Alias
cap_fcntls_limitLIBRARY
Lb libcSYNOPSIS
In sys/capability.h Ft int Fn cap_fcntls_limit int fd uint32_t fcntlrights Ft int Fn cap_fcntls_get int fd uint32_t *fcntlrightspDESCRIPTION
If a file descriptor is granted the CAP_FCNTL capability right, the list of allowed fcntl(2) commands can be selectively reduced (but never expanded) with the Fn cap_fcntls_limit system call.A bitmask of allowed fcntls commands for a given file descriptor can be obtained with the Fn cap_fcntls_get system call.
FLAGS
The following flags may be specified in the Fa fcntlrights argument or returned in the Fa fcntlrightsp argument:- CAP_FCNTL_GETFL
- Permit F_GETFL command.
- CAP_FCNTL_SETFL
- Permit F_SETFL command.
- CAP_FCNTL_GETOWN
- Permit F_GETOWN command.
- CAP_FCNTL_SETOWN
- Permit F_SETOWN command.
RETURN VALUES
Rv -stdERRORS
Fn cap_fcntls_limit succeeds unless:- Bq Er EBADF
- The Fa fd argument is not a valid descriptor.
- Bq Er EINVAL
- An invalid flag has been passed in Fa fcntlrights .
- Bq Er ENOTCAPABLE
- Fa fcntlrights would expand the list of allowed fcntl(2) commands.
Fn cap_fcntls_get succeeds unless:
- Bq Er EBADF
- The Fa fd argument is not a valid descriptor.
- Bq Er EFAULT
- The Fa fcntlrightsp argument points at an invalid address.
HISTORY
Support for capabilities and capabilities mode was developed as part of the TrustedBSD Project.AUTHORS
This function was created by An Pawel Jakub Dawidek Aq [email protected] under sponsorship of the FreeBSD Foundation.