Reputation: 3189
Get CentOS server capabilities in human-readable form using Python
I am trying to analyze capabilities associated to my CentOS server. I have output of ps aufxwwwZ command and for each process the content of /proc/$pid/status. This is part of the dump of the configuration of the server I want to analyze.
I know I can get capabilities from /proc/$pid/status (lines beginning by ^Cap). I can use capsh --decode to get a human-readable form. However, I would like to implement this exclusively in python as part of a bigger script.
How is it possible to convert the capabilities mask to a human-readable list of capabilities without having to force users to install specific tools and launching subprocess stuff ?
I have tried to understand how the parsing is done reading linux/capability.h. Interesting parts :
#define CAP_TO_INDEX(x) ((x) >> 5) /* 1 << 5 == bits in __u32 */
#define CAP_TO_MASK(x) (1 << ((x) & 31)) /* mask for indexed __u32 */
So, for cap_net_admin, which is defined in this header file to 12,
I use CAP_TO_MASK, ((12) & 31) gives 4096 :
printf("%d", 1 << ((12) & 31));
However, this is not what I observe for this specific capability in /proc/pid/status which is 1000.
Is there a more straightforward converting process ?
Upvotes: 1
Views: 128
Answers (0)
Related Questions
- How to get linux direcory/file permission string using python
- How can i make the python program to check linux services
- How to get several information about server
- (discord.py) How can I get a list of how many permissions a user has
- Getting system status in python
- how to get hostname, ip address, cpu info, memory info
- problems setting Linux Capabilities using Python
- How to reliably check if I am above a certain CentOS version (CentOS 7) in a Python script?
- How can I read system information in Python on OS X?
- How to convert a stat output to a unix permissions string