Not needing root to administer Linux - the home of libcap

This site is devoted to announcing new versions of libcap (both C and Go implementations), and sharing information about using Linux Capabilities -- an alternative to the superuser model of privilege under Linux.

Resources:

  • Release notes for libcap, libpsx and Go packages cap and psx.

  • You can read about Linux Capabilities in this OLS paper.

  • Serge wrote a related article for Linux Journal.

  • You can download libcap(2) in the following ways:

  • Beyond Capability support, we provide a helper library for supporting POSIX semantics when libcap is used in threaded applications (linked against libpthread): libpsx.

    • This library can be used to support POSIX semantics for system calls not supported by the standard C libraries.

  • Some Go walk-through examples for manipulating privilege under Linux.

  • Feature requests and known issues are tracked here.

    • If you want to submit a patch, create a bug via the tracker, or you can directly email morgan@kernel.org an attachment formatted with git format-patch.

  • The Linux capability implementation is based on a defunct draft POSIX.1e specification for various UN*X security extensions