NAME
filecap - a program to see capabilities
SYNOPSIS
filecap [ -a | -d | /dir | /dir/file [cap1 cap2 ...] ]
DESCRIPTION
filecap is a program that prints out a report of programs with file
based capabilities. If a file is not in the report or there is no
report at all, no capabilities were found. For expedience, the default
is to check only the directories in the PATH environmental variable. If
the -a command line option is given, then all directories will be
checked. If a directory is passed, it will recursively check that
directory. If a path to a file is given, it will only check that file.
If the path to the file includes capabilities, then they are written to
the file.
OPTIONS
-a This tells the program to show all capabilities starting from
the / directory. Normally the PATH environmental variable is
used to show you capabilities on files you are likely to
execute.
-d This dumps all capabilities for reference.
EXAMPLES
To check file capabilities in $PATH:
filecap
To check file capabilities of whole system:
filecap -a
To check file capabilities recursively in a directory:
filecap /usr
To check file capabilities of a specific program:
filecap /bin/passwd
To list all possible capabilities:
filecap -d
To set a file capability on a specific program:
filecap /bin/ping net_raw net_admin
SEE ALSO
pscap(8), netcap(8), capabilities(7).
AUTHOR
Steve Grubb