Lines Matching +full:system +full:- +full:observe

2 .\" capsh.1 Man page added 2009-12-23 Andrew G. Morgan <morgan@kernel.org>
4 .TH CAPSH 1 "2011-04-24" "libcap 2" "User Commands"
6 capsh \- capability shell wrapper
19 .B --print
22 .BI -- " [args]"
26 .B -c 'command to execute'
36 .BI --caps= cap-set
38 .IR cap-set .
40 .I cap-set
41 is a text-representation of capability state as per
44 .BI --drop= cap-list
54 .BI --inh= cap-list
63 .BI --user= username
72 .BI --uid= id
79 system call.
81 .BI --gid= <id>
88 system call.
90 .BI --groups= <id-list>
94 system call.
96 .BI --keep= <0|1>
97 In a non-pure capability mode, the kernel provides liberal privilege
98 to the super-user. However, it is normally the case that when the
99 super-user changes
105 system call. This feature is known as
106 .I keep-caps
109 .I keep-caps
110 to be active. Setting it to 0 will cause keep-caps to deactivate for
112 .I keep-caps
116 .B --secbits
119 .BI --secbits= N
120 XXX - need to document this feature.
122 .BI --chroot= path
125 system call with the new root-directory (/) equal to
131 .BI --forkfor= sec
133 .BI --killit= sig
135 .BI --decode= N
149  capsh --decode=0x0100
151 we observe that the missing capability is:
154 .BI --supports= xxx
156 to verify the existence of a capability on the system. For example,
157 .BI --supports= cap_syslog