* [PATCH] Manual pages: cap_from_text.3: Clarify a detail of cap_from_text() action list
@ 2020-07-22 21:00 Michael Kerrisk (man-pages)
0 siblings, 0 replies; only message in thread
From: Michael Kerrisk (man-pages) @ 2020-07-22 21:00 UTC (permalink / raw)
To: mtk.manpages, Andrew G . Morgan; +Cc: linux-security-module
The fact that the action list of a cap_from_text() clause can include
multiple operator-flag pairs is a little hidden in this page. Make it
clearer by separating this information out into a separate paragraph and
showing an example of the equivalence to multple clauses.
Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages@gmail.com>
---
doc/cap_from_text.3 | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/doc/cap_from_text.3 b/doc/cap_from_text.3
index e59ca59..9f4c50b 100644
--- a/doc/cap_from_text.3
+++ b/doc/cap_from_text.3
@@ -139,9 +139,16 @@ capability list and one or more explicit trailing flags. The `+'
operator will raise all of the listed capabilities in the flagged
capability sets. The `\-' operator will lower all of the listed
capabilities in the flagged capability sets. For example:
-"all+p" will raise all of the Permitted capabilities; "cap_fowner+p\-i"
-will raise the override-file-ownership capability in the Permitted
-capability set and lower this Inheritable capability;
+"all+p" will raise all of the Permitted capabilities and
+"cap_fowner\-i" will lower the override-file-ownership in the Inheritable set.
+.PP
+The action list can consist of multiple
+.I operator flag
+pairs; the actions are performed in left-to-right order.
+Thus, for example,
+"cap_fowner+p\-i"
+is equivalent to "cap_fowner+p cap_fowner\-i".
+As another example,
"cap_fowner+pe\-i" and "cap_fowner=+pe" are equivalent.
.SH "RETURN VALUE"
.BR cap_from_text (),
--
2.26.2
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2020-07-22 21:00 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-22 21:00 [PATCH] Manual pages: cap_from_text.3: Clarify a detail of cap_from_text() action list Michael Kerrisk (man-pages)
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.