2 use std
::os
::raw
::{c_int, c_ulong}
;
5 pub struct SecureBits
: c_ulong
{
6 const NOROOT
= 0b0_0000_0001;
7 const NOROOT_LOCKED
= 0b0_0000_0010;
8 const NO_SETUID_FIXUP
= 0b0_0000_0100;
9 const NO_SETUID_FIXUP_LOCKED
= 0b0_0000_1000;
10 const KEEP_CAPS
= 0b0_0001_0000;
11 const KEEP_CAPS_LOCKED
= 0b0_0010_0000;
12 const NO_CAP_AMBIENT_RAISE
= 0b0_0100_0000;
13 const NO_CAP_AMBIENT_RAISE_LOCKED
= 0b0_1000_0000;
15 const ALL_BITS
= 0b0_0101_0101;
16 const ALL_LOCKS
= 0b0_1010_1010;
21 pub fn apply(self) -> io
::Result
<()> {
22 c_call
!(unsafe { libc::prctl(libc::PR_SET_SECUREBITS, self.bits()) }
)?
;
26 pub fn get_current() -> io
::Result
<Self> {
27 let bits
= c_call
!(unsafe { libc::prctl(libc::PR_GET_SECUREBITS) }
)?
;
28 Self::from_bits(bits
as _
)
29 .ok_or_else(|| io_format_err
!("prctl() returned unknown securebits"))
33 #[derive(Clone, Default)]
34 pub struct Capabilities
{
38 //bounding: u64, // we don't care currently
41 // Too lazy to bindgen libcap stuff...
42 const CAPABILITY_VERSION_3
: u32 = 0x2008_0522;
44 /// Represents process capabilities.
46 /// This can be used to change the process' capability sets (if permitted by the kernel).
48 // We currently don't implement capget as it takes a pid which is racy on kernels without pidfd
49 // support. Later on we might support a `capget(&PidFd)` method?
51 /// Change our process capabilities. This does not include the bounding set.
52 pub fn capset(&self) -> io
::Result
<()> {
67 version
: CAPABILITY_VERSION_3
,
68 pid
: 0, // equivalent to gettid(),
73 effective
: self.effective
as u32,
74 permitted
: self.permitted
as u32,
75 inheritable
: self.inheritable
as u32,
78 effective
: (self.effective
>> 32) as u32,
79 permitted
: (self.permitted
>> 32) as u32,
80 inheritable
: (self.inheritable
>> 32) as u32,
84 c_try
!(unsafe { libc::syscall(libc::SYS_capset, &header, &data) }
);