GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
SETCAP(8) FreeBSD System Manager's Manual SETCAP(8)

setcap - set file capabilities

setcap [-q] [-n <rootuid>] [-v] {capabilities|-|-r} filename [ ... capabilitiesN fileN ]

In the absence of the -v (verify) option setcap sets the capabilities of each specified filename to the capabilities specified. The optional -n <rootuid> argument can be used to set the file capability for use only in a user namespace with this root user ID owner. The -v option is used to verify that the specified capabilities are currently associated with the file. If -v and -n are supplied, the -n <rootuid> argument is also verified.

The capabilities are specified in the form described in cap_from_text(3).

The special capability string, '-', can be used to indicate that capabilities are read from the standard input. In such cases, the capability set is terminated with a blank line.

The special capability string, '-r', is used to remove a capability set from a file. Note, setting an empty capability set is not the same as removing it. An empty set can be used to guarantee a file is not executed with privilege in spite of the fact that the prevailing ambient+inheritable sets would otherwise bestow capabilities on executed binaries.

The -q flag is used to make the program less verbose in its output.

The setcap program will exit with a 0 exit code if successful. On failure, the exit code is 1.

Please report bugs via:

cap_from_text(3), cap_get_file(3), capabilities(7), user_namespaces(7), getcap(8)

2020-01-07
Search for    or go to Top of page |  Section 8 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.