1 |
How do you grant a capability (e.g. CAP_NET_RAW) to a user? |
2 |
|
3 |
I've been googling and have found countless articles and blog posts |
4 |
explaining what each capability is and how to grant capabilities to an |
5 |
executable file. While granting the capability to an executable does |
6 |
work, that's not what I need to do for a couple different reasons. |
7 |
|
8 |
I need to grant the capability to a user, not to the executable. |
9 |
|
10 |
There were a couple vague references implying that you can configure |
11 |
"login to grant the desired capabilities" when a user logs in, but |
12 |
I've not found any documentation on how to do that. |
13 |
|
14 |
I've tried editing /etc/security/capability.conf and adding the line |
15 |
|
16 |
cap_net_raw <username> |
17 |
|
18 |
But, that doesn't seem to have any effect (yes, I logged out and back |
19 |
in again). |
20 |
|
21 |
-- |
22 |
Grant Edwards grant.b.edwards Yow! Mary Tyler Moore's |
23 |
at SEVENTH HUSBAND is wearing |
24 |
gmail.com my DACRON TANK TOP in a |
25 |
cheap hotel in HONOLULU! |