Reputation: 64905
Copy a file without removing the destination capabilities
I have a binary foo, generated from C++ code, which has special capabilities set on it with:
sudo setcap cap_sys_rawio=ep ./foo
Now I want to build another version of this binary, and the output of the build (the new binary) goes into a file named bar. Evidently, bar will not have the same capabilities as foo. I would like to copy the content of bar over foo, so that foo represents the new binary, but without removing the capabilities.
This answer indicates that modifying the file does not affect the capabilities, but when I try with cp (which uses open(..., O_TRUNC) under the covers) the capabilities are removed.
Upvotes: 0
Views: 1046
Answers (1)
Reputation: 25491
I don't think this is possible. The comment on the answer you linked to is incorrect; replacing the contents of foo will cause the capabilities to be removed from foo, as explained by this answer.
You can test this using the following trivial C program (save this as editfoo.c):
#include <fcntl.h>
#include <unistd.h>
int main(int argc, char** argv) {
int fd = open("foo", O_WRONLY);
write(fd, "bar", 3);
return 0;
}
Then:
$ gcc editfoo.c -o editfoo
$ echo "foo" > foo
$ sudo setcap cap_sys_rawio=ep foo
$ cat foo
foo
$ getcap foo
foo = cap_sys_rawio+ep
$ ./editfoo
$ cat foo
bar
$ getcap foo
Upvotes: 1
Related Questions
- How to copy files and give them permission of destination directory
- File capabilities do not transfer to process once executed
- How do I copy a file retaining the original permissions?
- copy file, keep permissions and owner
- copy file with destination permission
- python, changing the permission of destination location during copy
- How can I copy permissions from a file that already exists?
- Change permissions for newly copied file in Unix/Linux
- How to copy a file in creation without destroying it in Unix/Linux
- copy a file and change its permissions in Linux with C