plucky (2) PR_CAPBSET_DROP.2const.gz

Provided by: manpages-dev_6.9.1-1_all bug

NAME
       PR_CAPBSET_DROP - drop a capability from the calling thread's capability bounding set


LIBRARY
       Standard C library (libc, -lc)


SYNOPSIS
       #include <linux/prctl.h>  /* Definition of PR_* constants */
       #include <sys/prctl.h>

       int prctl(PR_CAPBSET_DROP, long cap);


DESCRIPTION
       Drop  the capability specified by cap from the calling thread's capability bounding set.  Any children of
       the calling thread will inherit the newly reduced bounding set.


RETURN VALUE
       On success, 0 is returned.  On error, -1 is returned, and errno is set to indicate the error.


ERRORS
       EINVAL File capabilities are not enabled in the kernel.

       EINVAL cap does not specify a valid capability.

       EPERM  The caller does not have the CAP_SETPCAP capability.


VERSIONS
       A higher-level interface layered on top of this operation is provided in the  libcap(3)  library  in  the
       form of cap_drop_bound(3).


STANDARDS
       Linux.


HISTORY
       Linux 2.6.25.


SEE ALSO
       prctl(2), PR_CAPBSET_READ(2const) libcap(3), cap_drop_bound(3)