NAME¶

apptainer-capability-drop - Remove capabilities from a user or group (requires root)

SYNOPSIS¶

apptainer capability drop [drop options...]

DESCRIPTION¶

Remove Linux capabilities from a user/group. NOTE: This command requires root
to run.

The capabilities argument must be separated by commas and is not case
sensitive.

To see available capabilities, type "apptainer capability avail" or refer to
capabilities manual "man 7 capabilities"

OPTIONS¶

-g, --group="" manage capabilities for a group

-h, --help[=false] help for drop

-u, --user="" manage capabilities for a user

EXAMPLE¶



  $ sudo apptainer capability drop --user nobody AUDIT_READ,CHOWN


  $ sudo apptainer capability drop --group nobody audit_write


  To drop all capabilities for a user:


  $ sudo apptainer capability drop --user nobody all

HISTORY¶

13-May-2024 Auto generated by spf13/cobra

May 2024

Auto generated by spf13/cobra

Source file:	apptainer-capability-drop.1.en.gz (from apptainer 1.3.0-bp160.1.36)
Source last updated:	2024-05-13T05:36:38Z
Converted to HTML:	2025-10-30T21:14:00Z