bionic (8) filecap.8.gz

Provided by: libcap-ng-utils_0.7.7-3.1_amd64 bug

NAME

       filecap - a program to see capabilities

SYNOPSIS

       filecap [ -a | -d | /dir | /dir/file [cap1 cap2 ...] ]

DESCRIPTION

       filecap  is a program that prints out a report of programs with file based capabilities. If a file is not
       in the report or there is no report at all, no capabilities were found. For expedience, the default is to
       check  only  the  directories in the PATH environmental variable. If the -a command line option is given,
       then all directories will be checked. If a directory is passed, it will recursively check that directory.
       If  a  path  to  a  file  is  given,  it  will  only  check  that  file. If the path to the file includes
       capabilities, then they are written to the file.

OPTIONS

       -a     This tells the program to show all capabilities starting from the / directory. Normally  the  PATH
              environmental variable is used to show you capabilities on files you are likely to execute.

       -d     This dumps all capabilities for reference.

EXAMPLES

       To check file capabilities in $PATH:
       filecap

       To check file capabilities of whole system:
       filecap -a

       To check file capabilities recursively in a directory:
       filecap /usr

       To check file capabilities of a specific program:
       filecap /bin/passwd

       To list all possible capabilities:
       filecap -d

       To set a file capability on a specific program:
       filecap /bin/ping net_raw net_admin

SEE ALSO

       pscap(8), netcap(8), capabilities(7).

AUTHOR

       Steve Grubb