openwrt/procd
1
0
Fork 0
mirror of https://git.openwrt.org/project/procd.git synced 2026-01-15 21:04:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
master
procd/make_capabilities_h.sh
Etienne CHAMPETIER 51201235db jail: add capabilities support 
If there is one or more capabilities in cap.keep,
drop all capabilities not in cap.keep.
Always drop all capabalities in cap.drop

exemple json syntax:
{
"cap.keep": [
        "cap_net_raw"
],
"cap.drop": []
}

Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
2015-10-07 11:07:54 +02:00

11 lines
366 B
Bash
Executable File
Raw Permalink Blame History

#!/bin/sh
CC=$1
[ -n "$TARGET_CC_NOCACHE" ] && CC=$TARGET_CC_NOCACHE
echo "#include <linux/capability.h>"
echo "static const char *capabilities_names[] = {"
echo "#include <linux/capability.h>" | ${CC} -E -dM - | grep '#define CAP' | grep -vE '(CAP_TO|CAP_LAST_CAP)' | \
awk '{print $3" "$2}' | sort -n | awk '{print " ["$1"]\t= \""tolower($2)"\","}'
echo "};"
Reference in New Issue View Git Blame Copy Permalink