File tree Expand file tree Collapse file tree 1 file changed +49
-0
lines changed Expand file tree Collapse file tree 1 file changed +49
-0
lines changed Original file line number Diff line number Diff line change 1+ #! /bin/bash
2+
3+ # Script to test capabilities, comment to enable
4+ # capsh in debian package: libcap2-bin
5+ # Require root
6+
7+ D=" cap_audit_control"
8+ D=" ${D} ,cap_audit_read"
9+ D=" ${D} ,cap_audit_write"
10+ D=" ${D} ,cap_block_suspend"
11+ D=" ${D} ,cap_chown"
12+ D=" ${D} ,cap_dac_override"
13+ D=" ${D} ,cap_dac_read_search"
14+ D=" ${D} ,cap_fowner"
15+ D=" ${D} ,cap_fsetid"
16+ D=" ${D} ,cap_ipc_lock"
17+ D=" ${D} ,cap_ipc_owner"
18+ D=" ${D} ,cap_kill"
19+ D=" ${D} ,cap_lease"
20+ D=" ${D} ,cap_linux_immutable"
21+ D=" ${D} ,cap_mac_admin"
22+ D=" ${D} ,cap_mac_override"
23+ D=" ${D} ,cap_mknod"
24+ D=" ${D} ,cap_net_admin"
25+ D=" ${D} ,cap_net_bind_service"
26+ D=" ${D} ,cap_net_broadcast"
27+ D=" ${D} ,cap_net_raw"
28+ D=" ${D} ,cap_setfcap"
29+ D=" ${D} ,cap_setgid"
30+ D=" ${D} ,cap_setpcap"
31+ D=" ${D} ,cap_setuid"
32+ D=" ${D} ,cap_sys_admin"
33+ D=" ${D} ,cap_sys_boot"
34+ D=" ${D} ,cap_sys_chroot"
35+ D=" ${D} ,cap_syslog"
36+ D=" ${D} ,cap_sys_module"
37+ D=" ${D} ,cap_sys_nice"
38+ D=" ${D} ,cap_sys_pacct"
39+ D=" ${D} ,cap_sys_ptrace"
40+ D=" ${D} ,cap_sys_rawio"
41+ D=" ${D} ,cap_sys_resource"
42+ D=" ${D} ,cap_sys_time"
43+ D=" ${D} ,cap_sys_tty_config"
44+ D=" ${D} ,cap_wake_alarm"
45+ D=" ${D} ,cap_perfmon"
46+ D=" ${D} ,cap_checkpoint_restore"
47+ D=" ${D} ,cap_bpf"
48+
49+ /usr/sbin/capsh --noamb --drop=${D} -- -c " $1 "
You can’t perform that action at this time.
0 commit comments