/* vi: set sw=4 ts=4: */ /* * setpriv implementation for busybox based on linux-utils-ng 2.29 * * Copyright (C) 2017 by * * Licensed under GPLv2 or later, see file LICENSE in this source tree. * */ //config:config SETPRIV //config: bool "setpriv" //config: default y //config: select PLATFORM_LINUX //config: select LONG_OPTS //config: help //config: Run a program with different Linux privilege settings. //config: Requires kernel >= 3.5 //applet:IF_SETPRIV(APPLET(setpriv, BB_DIR_BIN, BB_SUID_DROP)) //kbuild:lib-$(CONFIG_SETPRIV) += setpriv.o //usage:#define setpriv_trivial_usage //usage: "[OPTIONS] PROG [ARGS]" //usage:#define setpriv_full_usage "\n\n" //usage: "Run PROG with different privilege settings\n" //usage: "\n--nnp,--no-new-privs Ignore setuid/setgid bits and file capabilities" //setpriv from util-linux 2.28: // -d, --dump show current state (and do not exec anything) // --nnp, --no-new-privs disallow granting new privileges // --inh-caps set inheritable capabilities // --bounding-set set capability bounding set // --ruid set real uid // --euid set effective uid // --rgid set real gid // --egid set effective gid // --reuid set real and effective uid // --regid set real and effective gid // --clear-groups clear supplementary groups // --keep-groups keep supplementary groups // --groups set supplementary groups // --securebits set securebits // --selinux-label