PR_CAPBSET_DROP(2const) — Linux manual page
PR_CAPBSET_DROP(2const) PR_CAPBSET_DROP(2const)
NAME
PR_CAPBSET_DROP - drop a capability from the calling thread's
capability bounding set
LIBRARY
Standard C library (libc, -lc)
SYNOPSIS
#include <linux/prctl.h> /* Definition of PR_* constants */
#include <sys/prctl.h>
int prctl(PR_CAPBSET_DROP, long cap);
DESCRIPTION
Drop the capability specified by cap from the calling thread's
capability bounding set. Any children of the calling thread will
inherit the newly reduced bounding set.
RETURN VALUE
On success, 0 is returned. On error, -1 is returned, and errno
is set to indicate the error.
ERRORS
EINVAL File capabilities are not enabled in the kernel.
EINVAL cap does not specify a valid capability.
EPERM The caller does not have the CAP_SETPCAP capability.
VERSIONS
A higher-level interface layered on top of this operation is
provided in the libcap(3) library in the form of
cap_drop_bound(3).
STANDARDS
Linux.
HISTORY
Linux 2.6.25.
SEE ALSO
prctl(2), PR_CAPBSET_READ(2const) libcap(3), cap_drop_bound(3)
COLOPHON
This page is part of the man-pages (Linux kernel and C library
user-space interface documentation) project. Information about
the project can be found at
⟨https://www.kernel.org/doc/man-pages/⟩. If you have a bug report
for this manual page, see
⟨https://git.kernel.org/pub/scm/docs/man-pages/man-pages.git/tree/CONTRIBUTING⟩.
This page was obtained from the tarball man-pages-6.9.1.tar.gz
fetched from
⟨https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/⟩ on
2024-06-26. If you discover any rendering problems in this HTML
version of the page, or you believe there is a better or more up-
to-date source for the page, or you have corrections or
improvements to the information in this COLOPHON (which is not
part of the original manual page), send a mail to
man-pages@man7.org
Linux man-pages 6.9.1 2024-06-02 PR_CAPBSET_DROP(2const)
Pages that refer to this page: PR_CAPBSET_READ(2const), prctl(2)