capng_c 0.1.2 → 0.1.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.clang-format +5 -0
- data/.github/workflows/apt.yml +35 -0
- data/.github/workflows/linux.yml +1 -1
- data/.github/workflows/yum.yml +39 -0
- data/Gemfile +3 -1
- data/README.md +18 -2
- data/capng_c.gemspec +3 -2
- data/ci/apt-test.sh +15 -0
- data/ci/yum-test.sh +64 -0
- data/example/file_capability.rb +36 -0
- data/example/process_capability.rb +59 -0
- data/example/process_capability_without_root.rb +36 -0
- data/ext/capng/capability.c +353 -25
- data/ext/capng/capng.c +313 -122
- data/ext/capng/capng.h +25 -16
- data/ext/capng/enum-action.c +35 -0
- data/ext/capng/enum-flags.c +44 -0
- data/ext/capng/enum-result.c +38 -0
- data/ext/capng/enum-select.c +39 -0
- data/ext/capng/enum-type.c +42 -0
- data/ext/capng/enum.c +7 -42
- data/ext/capng/extconf.rb +4 -0
- data/ext/capng/print.c +127 -76
- data/ext/capng/state.c +55 -21
- data/ext/capng/utils.c +7 -7
- data/lib/capng.rb +14 -7
- data/lib/capng/version.rb +1 -1
- metadata +35 -7
data/ext/capng/capng.c
CHANGED
|
@@ -13,21 +13,50 @@
|
|
|
13
13
|
|
|
14
14
|
#include <capng.h>
|
|
15
15
|
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
16
|
+
/* clang-format off */
|
|
17
|
+
/*
|
|
18
|
+
* Document-class: CapNG
|
|
19
|
+
*
|
|
20
|
+
* CapNG class.
|
|
21
|
+
*
|
|
22
|
+
* @example
|
|
23
|
+
* # Current process capability example
|
|
24
|
+
* require 'capng'
|
|
25
|
+
*
|
|
26
|
+
* @capng = CapNG.new(:current_process)
|
|
27
|
+
* @capng.have_capability?(:effective, :dac_read_search)
|
|
28
|
+
*
|
|
29
|
+
* @example
|
|
30
|
+
* # Other process capability example
|
|
31
|
+
* require 'capng'
|
|
32
|
+
*
|
|
33
|
+
* @capng = CapNG.new(:other_process, 12345)
|
|
34
|
+
* @capng.have_capability?(:effective, :dac_override)
|
|
35
|
+
*
|
|
36
|
+
* @example
|
|
37
|
+
* # File capability example
|
|
38
|
+
* require 'capng'
|
|
39
|
+
*
|
|
40
|
+
* @capng = CapNG.new(:file, "/path/to/file")
|
|
41
|
+
* @capng.have_capability?(:effective, :chown)
|
|
42
|
+
*/
|
|
43
|
+
/* clang-format on */
|
|
44
|
+
|
|
45
|
+
struct CapNG
|
|
46
|
+
{};
|
|
47
|
+
|
|
48
|
+
static void
|
|
49
|
+
capng_free(void* capng);
|
|
50
|
+
|
|
51
|
+
static const rb_data_type_t rb_capng_type = { "capng/capng",
|
|
52
|
+
{
|
|
53
|
+
0,
|
|
54
|
+
capng_free,
|
|
55
|
+
0,
|
|
56
|
+
},
|
|
57
|
+
NULL,
|
|
58
|
+
NULL,
|
|
59
|
+
RUBY_TYPED_FREE_IMMEDIATELY };
|
|
31
60
|
|
|
32
61
|
static void
|
|
33
62
|
capng_free(void* ptr)
|
|
@@ -40,19 +69,27 @@ rb_capng_alloc(VALUE klass)
|
|
|
40
69
|
{
|
|
41
70
|
VALUE obj;
|
|
42
71
|
struct CapNG* capng;
|
|
43
|
-
obj = TypedData_Make_Struct(
|
|
44
|
-
klass, struct CapNG, &rb_capng_type, capng);
|
|
72
|
+
obj = TypedData_Make_Struct(klass, struct CapNG, &rb_capng_type, capng);
|
|
45
73
|
return obj;
|
|
46
74
|
}
|
|
47
75
|
|
|
76
|
+
/*
|
|
77
|
+
* Initalize CapNG class.
|
|
78
|
+
*
|
|
79
|
+
* @overload initialize(target=nil, pid_or_file=nil)
|
|
80
|
+
* @option param target [String or Symbol] Specify capability target.
|
|
81
|
+
* @option param pid_or_file [String or Symbol] Querying XPath.
|
|
82
|
+
* @return [nil]
|
|
83
|
+
*
|
|
84
|
+
*/
|
|
48
85
|
static VALUE
|
|
49
|
-
rb_capng_initialize(int argc, VALUE
|
|
86
|
+
rb_capng_initialize(int argc, VALUE* argv, VALUE self)
|
|
50
87
|
{
|
|
51
88
|
VALUE rb_target, rb_pid_or_file;
|
|
52
89
|
int result = 0;
|
|
53
|
-
char
|
|
90
|
+
char* target = NULL;
|
|
54
91
|
int pid = 0, fd = 0;
|
|
55
|
-
rb_io_t
|
|
92
|
+
rb_io_t* fptr = NULL;
|
|
56
93
|
|
|
57
94
|
rb_scan_args(argc, argv, "02", &rb_target, &rb_pid_or_file);
|
|
58
95
|
|
|
@@ -88,31 +125,54 @@ rb_capng_initialize(int argc, VALUE *argv, VALUE self)
|
|
|
88
125
|
fptr = RFILE(rb_pid_or_file)->fptr;
|
|
89
126
|
fd = fptr->fd;
|
|
90
127
|
result = capng_get_caps_fd(fd);
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
128
|
+
/* Just store result into instance variable. */
|
|
129
|
+
/* This is because capng_get_caps_fd should return 0 if file cap is not set. */
|
|
130
|
+
rb_iv_set(self, "@return_code", INT2NUM(result));
|
|
94
131
|
}
|
|
95
132
|
|
|
96
133
|
return Qnil;
|
|
97
134
|
}
|
|
98
135
|
|
|
136
|
+
/*
|
|
137
|
+
* Retrieve capability API status code on [CapNG#initialize] and file capability target.
|
|
138
|
+
*
|
|
139
|
+
* @return [@return_code]
|
|
140
|
+
*
|
|
141
|
+
*/
|
|
142
|
+
static VALUE
|
|
143
|
+
rb_capng_return_code(VALUE self)
|
|
144
|
+
{
|
|
145
|
+
return rb_iv_get(self, "@return_code");
|
|
146
|
+
}
|
|
147
|
+
|
|
148
|
+
/*
|
|
149
|
+
* Clear capabilities on specified target.
|
|
150
|
+
*
|
|
151
|
+
* @param rb_select_name_or_enum [Symbol or String or Fixnum] targets are CAPS, BOUNDS,
|
|
152
|
+
* BOTH, and AMBIENT for supported platform.
|
|
153
|
+
*
|
|
154
|
+
* @return [nil]
|
|
155
|
+
*
|
|
156
|
+
*/
|
|
99
157
|
static VALUE
|
|
100
158
|
rb_capng_clear(VALUE self, VALUE rb_select_name_or_enum)
|
|
101
159
|
{
|
|
102
160
|
capng_select_t select = 0;
|
|
103
161
|
|
|
104
162
|
switch (TYPE(rb_select_name_or_enum)) {
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
163
|
+
case T_SYMBOL:
|
|
164
|
+
select =
|
|
165
|
+
select_name_to_select_type(RSTRING_PTR(rb_sym2str(rb_select_name_or_enum)));
|
|
166
|
+
break;
|
|
167
|
+
case T_STRING:
|
|
168
|
+
select = select_name_to_select_type(StringValuePtr(rb_select_name_or_enum));
|
|
169
|
+
break;
|
|
170
|
+
case T_FIXNUM:
|
|
171
|
+
select = NUM2INT(rb_select_name_or_enum);
|
|
172
|
+
break;
|
|
173
|
+
default:
|
|
174
|
+
rb_raise(rb_eArgError,
|
|
175
|
+
"Expected a String or a Symbol instance, or a capability type constant");
|
|
116
176
|
}
|
|
117
177
|
|
|
118
178
|
capng_clear(select);
|
|
@@ -120,23 +180,34 @@ rb_capng_clear(VALUE self, VALUE rb_select_name_or_enum)
|
|
|
120
180
|
return Qnil;
|
|
121
181
|
}
|
|
122
182
|
|
|
183
|
+
/*
|
|
184
|
+
* Fill capabilities on specified target.
|
|
185
|
+
*
|
|
186
|
+
* @param rb_select_name_or_enum [Symbol or String or Fixnum] targets are CAPS, BOUNDS,
|
|
187
|
+
* BOTH, and AMBIENT for supported platform.
|
|
188
|
+
*
|
|
189
|
+
* @return [nil]
|
|
190
|
+
*
|
|
191
|
+
*/
|
|
123
192
|
static VALUE
|
|
124
193
|
rb_capng_fill(VALUE self, VALUE rb_select_name_or_enum)
|
|
125
194
|
{
|
|
126
195
|
capng_select_t select = 0;
|
|
127
196
|
|
|
128
197
|
switch (TYPE(rb_select_name_or_enum)) {
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
|
|
198
|
+
case T_SYMBOL:
|
|
199
|
+
select =
|
|
200
|
+
select_name_to_select_type(RSTRING_PTR(rb_sym2str(rb_select_name_or_enum)));
|
|
201
|
+
break;
|
|
202
|
+
case T_STRING:
|
|
203
|
+
select = select_name_to_select_type(StringValuePtr(rb_select_name_or_enum));
|
|
204
|
+
break;
|
|
205
|
+
case T_FIXNUM:
|
|
206
|
+
select = NUM2INT(rb_select_name_or_enum);
|
|
207
|
+
break;
|
|
208
|
+
default:
|
|
209
|
+
rb_raise(rb_eArgError,
|
|
210
|
+
"Expected a String or a Symbol instance, or a capability type constant");
|
|
140
211
|
}
|
|
141
212
|
|
|
142
213
|
capng_fill(select);
|
|
@@ -144,6 +215,14 @@ rb_capng_fill(VALUE self, VALUE rb_select_name_or_enum)
|
|
|
144
215
|
return Qnil;
|
|
145
216
|
}
|
|
146
217
|
|
|
218
|
+
/*
|
|
219
|
+
* Specify process ID to retrieve other process capabilities.
|
|
220
|
+
*
|
|
221
|
+
* @param rb_pid [Fixnum] Process ID.
|
|
222
|
+
*
|
|
223
|
+
* @return [nil]
|
|
224
|
+
*
|
|
225
|
+
*/
|
|
147
226
|
static VALUE
|
|
148
227
|
rb_capng_setpid(VALUE self, VALUE rb_pid)
|
|
149
228
|
{
|
|
@@ -154,6 +233,13 @@ rb_capng_setpid(VALUE self, VALUE rb_pid)
|
|
|
154
233
|
return Qnil;
|
|
155
234
|
}
|
|
156
235
|
|
|
236
|
+
/*
|
|
237
|
+
* Specify process ID to retrieve process capabilities. If not
|
|
238
|
+
* calling #setpid before, it returns current process' capabilities.
|
|
239
|
+
*
|
|
240
|
+
* @return [Boolean]
|
|
241
|
+
*
|
|
242
|
+
*/
|
|
157
243
|
static VALUE
|
|
158
244
|
rb_capng_get_caps_process(VALUE self)
|
|
159
245
|
{
|
|
@@ -166,9 +252,21 @@ rb_capng_get_caps_process(VALUE self)
|
|
|
166
252
|
return Qfalse;
|
|
167
253
|
}
|
|
168
254
|
|
|
255
|
+
/*
|
|
256
|
+
* Update capabilities.
|
|
257
|
+
*
|
|
258
|
+
* @param rb_action_name_or_action [Symbol or String or Fixnum] ADD or DROP.
|
|
259
|
+
* @param rb_capability_name_or_type [Symbol or String or Fixnum]
|
|
260
|
+
* Effective/Inheritable/Permitted/Ambient (If supported) or their combinations
|
|
261
|
+
* @param rb_capability_or_name [Symbol or String or Fixnum] Capability name or constants.
|
|
262
|
+
*
|
|
263
|
+
* @see: [CapNG::Capability])
|
|
264
|
+
*
|
|
265
|
+
* @return [Boolean]
|
|
266
|
+
*/
|
|
169
267
|
static VALUE
|
|
170
|
-
rb_capng_update(VALUE self,
|
|
171
|
-
VALUE
|
|
268
|
+
rb_capng_update(VALUE self, VALUE rb_action_name_or_action,
|
|
269
|
+
VALUE rb_capability_name_or_type, VALUE rb_capability_or_name)
|
|
172
270
|
{
|
|
173
271
|
int result = 0;
|
|
174
272
|
unsigned int capability = 0;
|
|
@@ -176,45 +274,52 @@ rb_capng_update(VALUE self,
|
|
|
176
274
|
capng_act_t action = 0;
|
|
177
275
|
|
|
178
276
|
switch (TYPE(rb_action_name_or_action)) {
|
|
179
|
-
|
|
180
|
-
|
|
181
|
-
|
|
182
|
-
|
|
183
|
-
|
|
184
|
-
|
|
185
|
-
|
|
186
|
-
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
277
|
+
case T_SYMBOL:
|
|
278
|
+
action =
|
|
279
|
+
action_name_to_action_type(RSTRING_PTR(rb_sym2str(rb_action_name_or_action)));
|
|
280
|
+
break;
|
|
281
|
+
case T_STRING:
|
|
282
|
+
action = action_name_to_action_type(StringValuePtr(rb_action_name_or_action));
|
|
283
|
+
break;
|
|
284
|
+
case T_FIXNUM:
|
|
285
|
+
action = NUM2INT(rb_action_name_or_action);
|
|
286
|
+
break;
|
|
287
|
+
default:
|
|
288
|
+
rb_raise(rb_eArgError,
|
|
289
|
+
"Expected a String or a Symbol instance, or a capability type constant");
|
|
190
290
|
}
|
|
191
291
|
|
|
192
292
|
switch (TYPE(rb_capability_name_or_type)) {
|
|
193
|
-
|
|
194
|
-
|
|
195
|
-
|
|
196
|
-
|
|
197
|
-
|
|
198
|
-
|
|
199
|
-
|
|
200
|
-
|
|
201
|
-
|
|
202
|
-
|
|
203
|
-
|
|
293
|
+
case T_SYMBOL:
|
|
294
|
+
capability_type = capability_type_name_to_capability_type(
|
|
295
|
+
RSTRING_PTR(rb_sym2str(rb_capability_name_or_type)));
|
|
296
|
+
break;
|
|
297
|
+
case T_STRING:
|
|
298
|
+
capability_type = capability_type_name_to_capability_type(
|
|
299
|
+
StringValuePtr(rb_capability_name_or_type));
|
|
300
|
+
break;
|
|
301
|
+
case T_FIXNUM:
|
|
302
|
+
capability_type = NUM2INT(rb_capability_name_or_type);
|
|
303
|
+
break;
|
|
304
|
+
default:
|
|
305
|
+
rb_raise(rb_eArgError,
|
|
306
|
+
"Expected a String or a Symbol instance, or a capability type constant");
|
|
204
307
|
}
|
|
205
308
|
|
|
206
309
|
switch (TYPE(rb_capability_or_name)) {
|
|
207
|
-
|
|
208
|
-
|
|
209
|
-
|
|
210
|
-
|
|
211
|
-
|
|
212
|
-
|
|
213
|
-
|
|
214
|
-
|
|
215
|
-
|
|
216
|
-
|
|
217
|
-
|
|
310
|
+
case T_SYMBOL:
|
|
311
|
+
capability =
|
|
312
|
+
capng_name_to_capability(RSTRING_PTR(rb_sym2str(rb_capability_or_name)));
|
|
313
|
+
break;
|
|
314
|
+
case T_STRING:
|
|
315
|
+
capability = capng_name_to_capability(StringValuePtr(rb_capability_or_name));
|
|
316
|
+
break;
|
|
317
|
+
case T_FIXNUM:
|
|
318
|
+
capability = NUM2INT(rb_capability_or_name);
|
|
319
|
+
break;
|
|
320
|
+
default:
|
|
321
|
+
rb_raise(rb_eArgError,
|
|
322
|
+
"Expected a String or a Symbol instance, or a capability constant");
|
|
218
323
|
}
|
|
219
324
|
|
|
220
325
|
result = capng_update(action, capability_type, capability);
|
|
@@ -225,14 +330,38 @@ rb_capng_update(VALUE self,
|
|
|
225
330
|
return Qfalse;
|
|
226
331
|
}
|
|
227
332
|
|
|
333
|
+
/*
|
|
334
|
+
* Apply capabilities on specified target.
|
|
335
|
+
*
|
|
336
|
+
* @param rb_select_name_or_enum [Symbol or String or Fixnum]
|
|
337
|
+
* targets are CAPS, BOUNDS, BOTH, and AMBIENT for supported platform.
|
|
338
|
+
*
|
|
339
|
+
* @return [Boolean]
|
|
340
|
+
*
|
|
341
|
+
*/
|
|
228
342
|
static VALUE
|
|
229
|
-
rb_capng_apply(VALUE self, VALUE
|
|
343
|
+
rb_capng_apply(VALUE self, VALUE rb_select_name_or_enum)
|
|
230
344
|
{
|
|
231
345
|
int result = 0;
|
|
346
|
+
capng_select_t select = 0;
|
|
232
347
|
|
|
233
|
-
|
|
348
|
+
switch (TYPE(rb_select_name_or_enum)) {
|
|
349
|
+
case T_SYMBOL:
|
|
350
|
+
select =
|
|
351
|
+
select_name_to_select_type(RSTRING_PTR(rb_sym2str(rb_select_name_or_enum)));
|
|
352
|
+
break;
|
|
353
|
+
case T_STRING:
|
|
354
|
+
select = select_name_to_select_type(StringValuePtr(rb_select_name_or_enum));
|
|
355
|
+
break;
|
|
356
|
+
case T_FIXNUM:
|
|
357
|
+
select = NUM2INT(rb_select_name_or_enum);
|
|
358
|
+
break;
|
|
359
|
+
default:
|
|
360
|
+
rb_raise(rb_eArgError,
|
|
361
|
+
"Expected a String or a Symbol instance, or a capability type constant");
|
|
362
|
+
}
|
|
234
363
|
|
|
235
|
-
result = capng_apply(
|
|
364
|
+
result = capng_apply(select);
|
|
236
365
|
|
|
237
366
|
if (result == 0)
|
|
238
367
|
return Qtrue;
|
|
@@ -240,6 +369,12 @@ rb_capng_apply(VALUE self, VALUE rb_action_set)
|
|
|
240
369
|
return Qfalse;
|
|
241
370
|
}
|
|
242
371
|
|
|
372
|
+
/*
|
|
373
|
+
* Lock capabilities.
|
|
374
|
+
*
|
|
375
|
+
* @return [Boolean]
|
|
376
|
+
*
|
|
377
|
+
*/
|
|
243
378
|
static VALUE
|
|
244
379
|
rb_capng_lock(VALUE self)
|
|
245
380
|
{
|
|
@@ -253,6 +388,14 @@ rb_capng_lock(VALUE self)
|
|
|
253
388
|
return Qfalse;
|
|
254
389
|
}
|
|
255
390
|
|
|
391
|
+
/*
|
|
392
|
+
* Change the credentials retaining capabilities.
|
|
393
|
+
* @param rb_uid [Fixnum] User ID.
|
|
394
|
+
* @param rb_gid [Fixnum] Group ID.
|
|
395
|
+
* @param rb_flags [Fixnum] CapNG::Flags constants.
|
|
396
|
+
*
|
|
397
|
+
* @see: capng_change_id(3)
|
|
398
|
+
*/
|
|
256
399
|
static VALUE
|
|
257
400
|
rb_capng_change_id(VALUE self, VALUE rb_uid, VALUE rb_gid, VALUE rb_flags)
|
|
258
401
|
{
|
|
@@ -263,9 +406,20 @@ rb_capng_change_id(VALUE self, VALUE rb_uid, VALUE rb_gid, VALUE rb_flags)
|
|
|
263
406
|
if (result == 0)
|
|
264
407
|
return Qtrue;
|
|
265
408
|
else
|
|
266
|
-
rb_raise(rb_eRuntimeError,
|
|
409
|
+
rb_raise(rb_eRuntimeError,
|
|
410
|
+
"Calling capng_change_id is failed with: (exitcode: %d)\n",
|
|
411
|
+
result);
|
|
267
412
|
}
|
|
268
413
|
|
|
414
|
+
/*
|
|
415
|
+
* Check whether capabilities on specified target or not.
|
|
416
|
+
*
|
|
417
|
+
* @param rb_select_name_or_enum [Symbol or String or Fixnum]
|
|
418
|
+
* targets are CAPS, BOUNDS, BOTH, and AMBIENT for supported platform.
|
|
419
|
+
*
|
|
420
|
+
* @return [Integer]
|
|
421
|
+
*
|
|
422
|
+
*/
|
|
269
423
|
static VALUE
|
|
270
424
|
rb_capng_have_capabilities_p(VALUE self, VALUE rb_select_name_or_enum)
|
|
271
425
|
{
|
|
@@ -273,56 +427,77 @@ rb_capng_have_capabilities_p(VALUE self, VALUE rb_select_name_or_enum)
|
|
|
273
427
|
capng_select_t select = 0;
|
|
274
428
|
|
|
275
429
|
switch (TYPE(rb_select_name_or_enum)) {
|
|
276
|
-
|
|
277
|
-
|
|
278
|
-
|
|
279
|
-
|
|
280
|
-
|
|
281
|
-
|
|
282
|
-
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
430
|
+
case T_SYMBOL:
|
|
431
|
+
select =
|
|
432
|
+
select_name_to_select_type(RSTRING_PTR(rb_sym2str(rb_select_name_or_enum)));
|
|
433
|
+
break;
|
|
434
|
+
case T_STRING:
|
|
435
|
+
select = select_name_to_select_type(StringValuePtr(rb_select_name_or_enum));
|
|
436
|
+
break;
|
|
437
|
+
case T_FIXNUM:
|
|
438
|
+
select = NUM2INT(rb_select_name_or_enum);
|
|
439
|
+
break;
|
|
440
|
+
default:
|
|
441
|
+
rb_raise(rb_eArgError,
|
|
442
|
+
"Expected a String or a Symbol instance, or a capability type constant");
|
|
287
443
|
}
|
|
288
444
|
result = capng_have_capabilities(select);
|
|
289
445
|
|
|
290
446
|
return INT2NUM(result);
|
|
291
447
|
}
|
|
292
448
|
|
|
449
|
+
/*
|
|
450
|
+
* Check whether capabilities on specified target or not.
|
|
451
|
+
*
|
|
452
|
+
* @param rb_capability_name_or_type [Symbol or String or Fixnum] types are EFFECTIVE,
|
|
453
|
+
* INHERITABLE, PERMITTED, and AMBIENT for supported platform.
|
|
454
|
+
* @param rb_capability_or_name [Symbol or String or Fixnum]
|
|
455
|
+
* Capability name or constants.
|
|
456
|
+
*
|
|
457
|
+
* @see: [CapNG::Capability]
|
|
458
|
+
*
|
|
459
|
+
* @return [Boolean]
|
|
460
|
+
*
|
|
461
|
+
*/
|
|
293
462
|
static VALUE
|
|
294
|
-
rb_capng_have_capability_p(VALUE self, VALUE rb_capability_name_or_type,
|
|
463
|
+
rb_capng_have_capability_p(VALUE self, VALUE rb_capability_name_or_type,
|
|
464
|
+
VALUE rb_capability_or_name)
|
|
295
465
|
{
|
|
296
466
|
int result = 0;
|
|
297
467
|
unsigned int capability = 0;
|
|
298
468
|
capng_type_t capability_type = 0;
|
|
299
469
|
|
|
300
470
|
switch (TYPE(rb_capability_name_or_type)) {
|
|
301
|
-
|
|
302
|
-
|
|
303
|
-
|
|
304
|
-
|
|
305
|
-
|
|
306
|
-
|
|
307
|
-
|
|
308
|
-
|
|
309
|
-
|
|
310
|
-
|
|
311
|
-
|
|
471
|
+
case T_SYMBOL:
|
|
472
|
+
capability_type = capability_type_name_to_capability_type(
|
|
473
|
+
RSTRING_PTR(rb_sym2str(rb_capability_name_or_type)));
|
|
474
|
+
break;
|
|
475
|
+
case T_STRING:
|
|
476
|
+
capability_type = capability_type_name_to_capability_type(
|
|
477
|
+
StringValuePtr(rb_capability_name_or_type));
|
|
478
|
+
break;
|
|
479
|
+
case T_FIXNUM:
|
|
480
|
+
capability_type = NUM2INT(rb_capability_name_or_type);
|
|
481
|
+
break;
|
|
482
|
+
default:
|
|
483
|
+
rb_raise(rb_eArgError,
|
|
484
|
+
"Expected a String or a Symbol instance, or a capability type constant");
|
|
312
485
|
}
|
|
313
486
|
|
|
314
487
|
switch (TYPE(rb_capability_or_name)) {
|
|
315
|
-
|
|
316
|
-
|
|
317
|
-
|
|
318
|
-
|
|
319
|
-
|
|
320
|
-
|
|
321
|
-
|
|
322
|
-
|
|
323
|
-
|
|
324
|
-
|
|
325
|
-
|
|
488
|
+
case T_SYMBOL:
|
|
489
|
+
capability =
|
|
490
|
+
capng_name_to_capability(RSTRING_PTR(rb_sym2str(rb_capability_or_name)));
|
|
491
|
+
break;
|
|
492
|
+
case T_STRING:
|
|
493
|
+
capability = capng_name_to_capability(StringValuePtr(rb_capability_or_name));
|
|
494
|
+
break;
|
|
495
|
+
case T_FIXNUM:
|
|
496
|
+
capability = NUM2INT(rb_capability_or_name);
|
|
497
|
+
break;
|
|
498
|
+
default:
|
|
499
|
+
rb_raise(rb_eArgError,
|
|
500
|
+
"Expected a String or a Symbol instance, or a capability constant");
|
|
326
501
|
}
|
|
327
502
|
|
|
328
503
|
result = capng_have_capability(capability_type, capability);
|
|
@@ -333,11 +508,19 @@ rb_capng_have_capability_p(VALUE self, VALUE rb_capability_name_or_type, VALUE r
|
|
|
333
508
|
return Qfalse;
|
|
334
509
|
}
|
|
335
510
|
|
|
511
|
+
/*
|
|
512
|
+
* Retrieve capabilities from file.
|
|
513
|
+
*
|
|
514
|
+
* @param rb_file [File] target file object
|
|
515
|
+
*
|
|
516
|
+
* @return [Boolean]
|
|
517
|
+
*
|
|
518
|
+
*/
|
|
336
519
|
static VALUE
|
|
337
520
|
rb_capng_get_caps_file(VALUE self, VALUE rb_file)
|
|
338
521
|
{
|
|
339
522
|
int result = 0, fd = 0;
|
|
340
|
-
rb_io_t
|
|
523
|
+
rb_io_t* fptr = NULL;
|
|
341
524
|
|
|
342
525
|
Check_Type(rb_file, T_FILE);
|
|
343
526
|
|
|
@@ -354,11 +537,19 @@ rb_capng_get_caps_file(VALUE self, VALUE rb_file)
|
|
|
354
537
|
return Qfalse;
|
|
355
538
|
}
|
|
356
539
|
|
|
540
|
+
/*
|
|
541
|
+
* Apply capabilities on specified target (file specific version).
|
|
542
|
+
*
|
|
543
|
+
* @param rb_file [File] target file object
|
|
544
|
+
*
|
|
545
|
+
* @return [Boolean]
|
|
546
|
+
*
|
|
547
|
+
*/
|
|
357
548
|
static VALUE
|
|
358
549
|
rb_capng_apply_caps_file(VALUE self, VALUE rb_file)
|
|
359
550
|
{
|
|
360
551
|
int result = 0, fd = 0;
|
|
361
|
-
rb_io_t
|
|
552
|
+
rb_io_t* fptr = NULL;
|
|
362
553
|
|
|
363
554
|
Check_Type(rb_file, T_FILE);
|
|
364
555
|
|
|
@@ -376,15 +567,15 @@ rb_capng_apply_caps_file(VALUE self, VALUE rb_file)
|
|
|
376
567
|
return Qfalse;
|
|
377
568
|
}
|
|
378
569
|
|
|
379
|
-
|
|
380
570
|
void
|
|
381
571
|
Init_capng(void)
|
|
382
572
|
{
|
|
383
|
-
rb_cCapNG = rb_define_class("CapNG", rb_cObject);
|
|
573
|
+
VALUE rb_cCapNG = rb_define_class("CapNG", rb_cObject);
|
|
384
574
|
|
|
385
575
|
rb_define_alloc_func(rb_cCapNG, rb_capng_alloc);
|
|
386
576
|
|
|
387
577
|
rb_define_method(rb_cCapNG, "initialize", rb_capng_initialize, -1);
|
|
578
|
+
rb_define_method(rb_cCapNG, "return_code", rb_capng_return_code, 0);
|
|
388
579
|
rb_define_method(rb_cCapNG, "clear", rb_capng_clear, 1);
|
|
389
580
|
rb_define_method(rb_cCapNG, "fill", rb_capng_fill, 1);
|
|
390
581
|
rb_define_method(rb_cCapNG, "setpid", rb_capng_setpid, 1);
|