Summary/Minutes from today's FESCo meeting (2010-10-26) NEW TIME!
Daniel P. Berrange
berrange at redhat.com
Fri Oct 29 11:18:04 UTC 2010
On Fri, Oct 29, 2010 at 02:32:52PM +0530, Rahul Sundaram wrote:
> On Fri, Oct 29, 2010 at 2:26 PM, Daniel P. Berrange wrote:
> > You want the libcap-ng-utils RPMs which provides a bunch of useful tools
> > for this, filecap, netcap, pscap, etc.
> Is there any particular reason, the regular tools that users already use
> cannot be modified to display the appropriate info, like SELinux and -Z
In theory there's nothing preventing this. Deciding on/defining a concise
display of capabilities info that doesn't mess up the formatting of
ps/ls/etc is even tricker than with SELinux -Z because of the length of
capabilities to display. eg, pscap for dhclient which has just 5 capabilities
'dac_override, net_bind_service, net_admin, net_raw, sys_admin'
There are 32 possible capabilites, so you'll quickly exceed the width
of terminals just listing capabilities, in this format. You could try
and decide on shortened names to < 5 characters each, but it isn't
going to be so readable, nor very short for lots of caps
|: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :|
|: http://libvirt.org -o- http://virt-manager.org -o- http://deltacloud.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
More information about the devel