-1

I have a task to fulfil and part of it is to get certain file capabilities and check if they are set correctly using C/C++. I want to make sure that certain file has cap_new_raw+ep capability. What would be other way of achieving it than using system(get_cap file) and reading output (not returning value, output)?

melpomene
  • 84,125
  • 8
  • 85
  • 148
Advent
  • 140
  • 15
  • You can find the code for the get_cap command and see what it does. – user253751 Sep 19 '18 at 05:44
  • 2
    http://man7.org/linux/man-pages/man3/libcap.3.html? – melpomene Sep 19 '18 at 05:46
  • @immibis: But which one is it? I found that those functions return cap_t structure which don't have something like possibility of returning capability I am looking for http://www.castaglia.org/proftpd/doc/devel-guide/src/lib/libcap/libcap.h.html#_cap_struct – Advent Sep 19 '18 at 06:07
  • @melponene: Okay, so which function will return informations required by me? – Advent Sep 19 '18 at 06:08
  • 3
    @Advent: Manual pages will tell you; you're expected to read them to find out what functions are available and what those that are available do. One part of learning how to program is learning how to find information about libraries you plan to use (or are thinking about using). – Jonathan Leffler Sep 19 '18 at 06:19
  • @Jonathan Leffler: Alright, I think I found it. I will post answer after I sort it out. – Advent Sep 19 '18 at 06:21

1 Answers1

2

So if I understand manual well, something like this should work:

capt_t file_cap;
cap_flag_value_t cap_flag_value;

file_cap = cap_get_file("/path/");
if(file_cap != 0) {
    if(cap_get_flag(file_cap, CAP_NEW_RAW, CAP_EFFECTIVE, &cap_flag_value) == 0) {
        if(cap_flag_value == CAP_SET)
        // it works
    }
    else // handle error
    if(cap_get_flag(file_cap, CAP_NEW_RAW, CAP_PERMITTED, &cap_flag_value) == 0) {
        if(cap_flag_value == CAP_SET)
        // it works
    }
    else // handle error
}
else // handle error
Advent
  • 140
  • 15