Reputation: 634
How to use CAP_SYS_BOOT capability?
I have to develop C API to shutdown linux system using reboot function through UI APPLICATION instead of system call and exec function.This reboot linksays that in order to run this function caller must have the CAP_SYS_BOOT inside its user namespace. Right now this function only work with root user I have to modified it to make it use for normal user too.How to set sufficient privilege inside C function using capabilities in order to shutdown linux system by any user?
turnoff()
{
sync();
reboot(RB_POWER_OFF);
}
Upvotes: 1
Views: 2756
Answers (1)
Reputation: 137398
Your process had to have that capability; you can't grant it to yourself at runtime (which would defeat the whole purpose of capabilities).
Read about capabilities(7).
Use setcap to set the capabilities of an executable file. This is typically done at installation time. As root:
setcap cap_sys_boot+ep /path/to/your/executable
Capabilities can also be inherited by child processes.
Upvotes: 2
Related Questions
- How to set CAP_SYS_NICE capability to a Linux user?
- Test for linux CAP_FOWNER capability in C?
- Request Linux Capabilities During Runtime
- How to use CAP_SYS_ADMIN
- How to create own sysctl parameter
- How to execute a process with CAP_SYS_RESOURCE
- How to add Linux capability for CAP_IPC_OWNER in limits.conf?
- How to add user defined function in U-Boot?
- Create sysfs entry from kernel module
- Linux and KERN_PROC