github.com/metacubex/gvisor@v0.0.0-20240320004321-933faba989ec/pkg/sentry/strace/capability.go (about) 1 // Copyright 2019 The gVisor Authors. 2 // 3 // Licensed under the Apache License, Version 2.0 (the "License"); 4 // you may not use this file except in compliance with the License. 5 // You may obtain a copy of the License at 6 // 7 // http://www.apache.org/licenses/LICENSE-2.0 8 // 9 // Unless required by applicable law or agreed to in writing, software 10 // distributed under the License is distributed on an "AS IS" BASIS, 11 // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 // See the License for the specific language governing permissions and 13 // limitations under the License. 14 15 package strace 16 17 import ( 18 "github.com/metacubex/gvisor/pkg/abi" 19 "github.com/metacubex/gvisor/pkg/abi/linux" 20 ) 21 22 // CapabilityBitset is the set of capabilities in a bitset. 23 var CapabilityBitset = abi.FlagSet{ 24 { 25 Flag: 1 << uint32(linux.CAP_CHOWN), 26 Name: "CAP_CHOWN", 27 }, 28 { 29 Flag: 1 << uint32(linux.CAP_DAC_OVERRIDE), 30 Name: "CAP_DAC_OVERRIDE", 31 }, 32 { 33 Flag: 1 << uint32(linux.CAP_DAC_READ_SEARCH), 34 Name: "CAP_DAC_READ_SEARCH", 35 }, 36 { 37 Flag: 1 << uint32(linux.CAP_FOWNER), 38 Name: "CAP_FOWNER", 39 }, 40 { 41 Flag: 1 << uint32(linux.CAP_FSETID), 42 Name: "CAP_FSETID", 43 }, 44 { 45 Flag: 1 << uint32(linux.CAP_KILL), 46 Name: "CAP_KILL", 47 }, 48 { 49 Flag: 1 << uint32(linux.CAP_SETGID), 50 Name: "CAP_SETGID", 51 }, 52 { 53 Flag: 1 << uint32(linux.CAP_SETUID), 54 Name: "CAP_SETUID", 55 }, 56 { 57 Flag: 1 << uint32(linux.CAP_SETPCAP), 58 Name: "CAP_SETPCAP", 59 }, 60 { 61 Flag: 1 << uint32(linux.CAP_LINUX_IMMUTABLE), 62 Name: "CAP_LINUX_IMMUTABLE", 63 }, 64 { 65 Flag: 1 << uint32(linux.CAP_NET_BIND_SERVICE), 66 Name: "CAP_NET_BIND_SERVICE", 67 }, 68 { 69 Flag: 1 << uint32(linux.CAP_NET_BROADCAST), 70 Name: "CAP_NET_BROADCAST", 71 }, 72 { 73 Flag: 1 << uint32(linux.CAP_NET_ADMIN), 74 Name: "CAP_NET_ADMIN", 75 }, 76 { 77 Flag: 1 << uint32(linux.CAP_NET_RAW), 78 Name: "CAP_NET_RAW", 79 }, 80 { 81 Flag: 1 << uint32(linux.CAP_IPC_LOCK), 82 Name: "CAP_IPC_LOCK", 83 }, 84 { 85 Flag: 1 << uint32(linux.CAP_IPC_OWNER), 86 Name: "CAP_IPC_OWNER", 87 }, 88 { 89 Flag: 1 << uint32(linux.CAP_SYS_MODULE), 90 Name: "CAP_SYS_MODULE", 91 }, 92 { 93 Flag: 1 << uint32(linux.CAP_SYS_RAWIO), 94 Name: "CAP_SYS_RAWIO", 95 }, 96 { 97 Flag: 1 << uint32(linux.CAP_SYS_CHROOT), 98 Name: "CAP_SYS_CHROOT", 99 }, 100 { 101 Flag: 1 << uint32(linux.CAP_SYS_PTRACE), 102 Name: "CAP_SYS_PTRACE", 103 }, 104 { 105 Flag: 1 << uint32(linux.CAP_SYS_PACCT), 106 Name: "CAP_SYS_PACCT", 107 }, 108 { 109 Flag: 1 << uint32(linux.CAP_SYS_ADMIN), 110 Name: "CAP_SYS_ADMIN", 111 }, 112 { 113 Flag: 1 << uint32(linux.CAP_SYS_BOOT), 114 Name: "CAP_SYS_BOOT", 115 }, 116 { 117 Flag: 1 << uint32(linux.CAP_SYS_NICE), 118 Name: "CAP_SYS_NICE", 119 }, 120 { 121 Flag: 1 << uint32(linux.CAP_SYS_RESOURCE), 122 Name: "CAP_SYS_RESOURCE", 123 }, 124 { 125 Flag: 1 << uint32(linux.CAP_SYS_TIME), 126 Name: "CAP_SYS_TIME", 127 }, 128 { 129 Flag: 1 << uint32(linux.CAP_SYS_TTY_CONFIG), 130 Name: "CAP_SYS_TTY_CONFIG", 131 }, 132 { 133 Flag: 1 << uint32(linux.CAP_MKNOD), 134 Name: "CAP_MKNOD", 135 }, 136 { 137 Flag: 1 << uint32(linux.CAP_LEASE), 138 Name: "CAP_LEASE", 139 }, 140 { 141 Flag: 1 << uint32(linux.CAP_AUDIT_WRITE), 142 Name: "CAP_AUDIT_WRITE", 143 }, 144 { 145 Flag: 1 << uint32(linux.CAP_AUDIT_CONTROL), 146 Name: "CAP_AUDIT_CONTROL", 147 }, 148 { 149 Flag: 1 << uint32(linux.CAP_SETFCAP), 150 Name: "CAP_SETFCAP", 151 }, 152 { 153 Flag: 1 << uint32(linux.CAP_MAC_OVERRIDE), 154 Name: "CAP_MAC_OVERRIDE", 155 }, 156 { 157 Flag: 1 << uint32(linux.CAP_MAC_ADMIN), 158 Name: "CAP_MAC_ADMIN", 159 }, 160 { 161 Flag: 1 << uint32(linux.CAP_SYSLOG), 162 Name: "CAP_SYSLOG", 163 }, 164 { 165 Flag: 1 << uint32(linux.CAP_WAKE_ALARM), 166 Name: "CAP_WAKE_ALARM", 167 }, 168 { 169 Flag: 1 << uint32(linux.CAP_BLOCK_SUSPEND), 170 Name: "CAP_BLOCK_SUSPEND", 171 }, 172 { 173 Flag: 1 << uint32(linux.CAP_AUDIT_READ), 174 Name: "CAP_AUDIT_READ", 175 }, 176 }