NAME capget, capset - set/get capabilities of thread(s) LIBRARY Standard C library ( libc , -lc ) SYNOPSIS ... kernel interface for getting and setting thread capabilities. Not onl…NAME capget, capset - set/get capabilities of thread(s) LIBRARY Standard C library ( libc , -lc ) SYNOPSIS ... kernel interface for getting and setting thread capabilities. Not onl…calling process is being ptraced. The capabilities of the program file (see capabilities ... group-ID program, or a program with capabilities is being executed, in which casefactors such as the credentials and capabilities of the two processes, whether ... credentials (7)) or effective capabilities for LSM checks. PTRACE_MODE_REALCREDS Use the callergroup-ID mode bits and file capabilities when executing programs. If set in attr ... following xattr (7) keys: • security.capability , whenever filesystem capabilities are stored o…user namespace, a process is granted all capabilities in that namespace, regardless of its user ... This prevents a caller that has dropped capabilities from regaining those capabi…have the CAP_SYS_ADMIN capability (see capabilities ... caller regardless of the caller's capabilities. The permissions in arg3 specify masks of availablecheck uses the set of permitted capabilities rather than the set of effective capabilities ... check uses an empty set of capabilities. This allows set-user-ID programs and capabil…check uses the set of permitted capabilities rather than the set of effective capabilities ... check uses an empty set of capabilities. This allows set-user-ID programs and capabil…check uses the set of permitted capabilities rather than the set of effective capabilities ... check uses an empty set of capabilities. This allows set-user-ID programs and capabil…NEWUSER required that the caller have three capabilities: CAP_SYS_ADMIN , CAP_SETUID ... tkill (2), unshare (2), wait (2), capabilities (7), namespaces (7), pthreadsNEWUSER required that the caller have three capabilities: CAP_SYS_ADMIN , CAP_SETUID ... tkill (2), unshare (2), wait (2), capabilities (7), namespaces (7), pthreadsNEWUSER required that the caller have three capabilities: CAP_SYS_ADMIN , CAP_SETUID ... tkill (2), unshare (2), wait (2), capabilities (7), namespaces (7), pthreadscaller obtains a full set of capabilities in the new namespace. CLONE_NEWUSER requires that ... namespace automatically confers a full set of capabilities, creating both a user nam…container where it does not have sufficient capabilities to mount a filesystem in the container ... more privileged process that does have sufficient capabilities to perform the mo…syscalls (2), errno (3), intro (3), capabilities (7), credentials (7), feature_test_macrossettimeofday (2), adjtime (3), ntp_gettime (3), capabilities (7), time (7), adjtimex (8), hwclocksettimeofday (2), adjtime (3), ntp_gettime (3), capabilities (7), time (7), adjtimex (8), hwclockkeyctl (2), keyctl (3), capabilities (7), keyrings (7), keyutils (7), persistent-keyring (7), process-keyring