HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. |  |
NAME |SYNOPSIS |DESCRIPTION |RETURN VALUE |CONFORMING TO |SEE ALSO |COLOPHON | |
CAP_INIT(3) Linux Programmer's ManualCAP_INIT(3)cap_init, cap_free, cap_dup - capability data object storage management
#include <sys/capability.h> cap_t cap_init(void); int cap_free(void *obj_d); cap_t cap_dup(cap_t cap_p); Link with-lcap.
The capabilities associated with a file or process are never edited directly. Instead, working storage is allocated to contain a representation of the capability state. Capabilities are edited and manipulated only within this working storage area. Once editing of the capability state is complete, the updated capability state is used to replace the capability state associated with the file or process.cap_init() creates a capability state in working storage and returns a pointer to the capability state. The initial value of all flags are cleared. The caller should free any releasable memory, when the capability state in working storage is no longer required, by callingcap_free() with thecap_t as an argument.cap_free() liberates any releasable memory that has been allocated to the capability state identified byobj_d. Theobj_d argument may identify either acap_t entity, or achar * entity allocated by thecap_to_text() function.cap_dup() returns a duplicate capability state in working storage given by the source objectcap_p, allocating any memory necessary, and returning a pointer to the newly created capability state. Once duplicated, no operation on either capability state affects the other in any way. When the duplicated capability state in working storage is no longer required, the caller should free any releasable memory by callingcap_free() with thecap_t as an argument.
cap_init() andcap_dup() return a non-NULL value on success, and NULL on failure.cap_free() returns zero on success, and -1 on failure. On failure,errno is set toEINVALorENOMEM.
These functions are specified in the withdrawn POSIX.1e draft specification.
libcap(3),cap_clear(3),cap_copy_ext(3),cap_from_text(3),cap_get_file(3),cap_get_proc(3),capabilities(7)
This page is part of thelibcap (capabilities commands and library) project. Information about the project can be found at ⟨https://git.kernel.org/pub/scm/libs/libcap/libcap.git/⟩. If you have a bug report for this manual page, send it to morgan@kernel.org (please put "libcap" in the Subject line). This page was obtained from the project's upstream Git repository ⟨https://git.kernel.org/pub/scm/libs/libcap/libcap.git/⟩ on 2025-08-11. (At that time, the date of the most recent commit that was found in the repository was 2025-08-10.) If you discover any rendering problems in this HTML version of the page, or you believe there is a better or more up-to-date source for the page, or you have corrections or improvements to the information in this COLOPHON (which isnot part of the original manual page), send a mail to man-pages@man7.org 2021-03-06CAP_INIT(3)Pages that refer to this page:cap_clear(3), cap_copy_ext(3), cap_from_text(3), cap_get_file(3), cap_get_proc(3), cap_iab(3), cap_launch(3), libcap(3), capabilities(7)
HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. | |