capxprint prints the (interpreted) contents of a capx stub file.

Examples

capxprint /bin/ping

Overview

capxprint filename

General

A capx stub file is an executable file that causes another executable file to be executed in its place, but with possibly different Linux capabilities. A capx stub file effectively implements the file capabilities that are part of the POSIX capabilities model. You typically create a capx stub file with mkcapx. capxprint shows you the contents of a capx stub file in user friendly format. It essentially shows you what mkcapx options were used to create it.

capxprint writes its output to Standard Output.

capxprint displays a capability set in the same format as you specify them on a mkcapx command, as in these examples:

chown

sys_admin,sys_module

!sysadmin,sys_module

This ! means "all capabilities except." Remember to escape this in a shell command

An empty string means no capabilities. A lone exclamation point (!) means all capabilities.

capxprint shows you both the capability bit string (in binary) and its user friendly interpretation of it. It uses the affirmative or negative (!) form, whichever is shorter.

See Also

Use mkcapx to create a capx stub file.

Use od to display the contents of a capx stub file as raw bits, e.g. in hexadecimal.