1. Manuals
  2. Tumbleweed
  3. man-pages
  4. PR_CAPBSET_DROP(2const)

Scroll to navigation

PR_CAPBSET_DROP(2const) PR_CAPBSET_DROP(2const)

NAME

PR_CAPBSET_DROP - drop a capability from the calling thread's capability bounding set

LIBRARY

Standard C library (libc, -lc)

SYNOPSIS

#include <linux/prctl.h>  /* Definition of PR_* constants */
#include <sys/prctl.h>
int prctl(PR_CAPBSET_DROP, long cap);

DESCRIPTION

Drop the capability specified by cap from the calling thread's capability bounding set. Any children of the calling thread will inherit the newly reduced bounding set.

RETURN VALUE

On success, 0 is returned. On error, -1 is returned, and errno is set to indicate the error.

ERRORS

File capabilities are not enabled in the kernel.
cap does not specify a valid capability.
The caller does not have the CAP_SETPCAP capability.

VERSIONS

A higher-level interface layered on top of this operation is provided in the libcap(3) library in the form of cap_drop_bound(3).

STANDARDS

Linux.

HISTORY

Linux 2.6.25.

SEE ALSO

prctl(2), PR_CAPBSET_READ(2const) libcap(3), cap_drop_bound(3)

2024-06-02 Linux man-pages (unreleased)