How does one make an RPM which sets the POSIX capabilities of a file? If I try doing rpmbuild as a non-root user then I get an error when my makefile's install hooks try to run setcap, but if I don't run setcap how will rpmbuild copy the capabilities? There doesn't seem to be any way to set the capability from within the RPM spec file.
Making an RPM which sets POSIX files capabilities
2.5k views Asked by Matthew Cline At
1
There are 1 answers
Related Questions in LINUX
- Is there some way to use printf to print a horizontal list of decrementing hex digits in NASM assembly on Linux
- Why does Hugo generate different taxonomy-related HTML on different OS's?
- Writes in io_uring do not advance the file offset
- Why `set -o pipefail` gives different output even though the pipe is not failing
- what really controls the permissions: UID or eUID?
- Compiling eBPF program in Docker fails due to missing '__u64' type
- Docker container unable to make HTTPS requests to external API
- Whow to use callback_query_handler in Python 3.10
- Create kea runtime directory at startup in Yocto image
- Problem on CPU scheduling algorithms in OS
- How to copy files into the singularity sandbox?
- Android kernel error: undefined reference to `get_hw_version_platform'
- Is there a need for BPF Linux namespace?
- Error when trying to execute a binary compiled in a Kali Linux machine on an Ubuntu system
- Issue with launching application after updating ElectronJs to version 28.0.0 on Windows and Linux
Related Questions in RPM
- RPM package signature verification in Ubuntu
- CentOS/RHEL download dependencies
- JFrog Xray SBOM: Why are there rpm packages with multiple versions that doesn't show up on my docker container?
- Stopping Jenkins from Incrementing Job Numbers When Restarting from a Stage
- building ruby 3.3.0 rpm on amazonlinux2023 is linking to hard coded directories
- RPM fails to install because of a directory conflict even though permissions are the same
- RPM Specfile wrong dependancy version resolved during dnf install
- Generated RPM has requirement on files it contains but doesn't provide them
- Testing installation and deployment of RPM
- RPM Require installs wrong dependency
- How does one tell yum to ignore a repo file with a parsing error?
- Install Multiple Tomcat9 Instance using RHEL RPM Package
- How to use "zypper info" with a specific version of a package
- How to add custom metadata using fpm for rpm/deb pacakges
- rpmbuild -bs fails for Illegal character
Related Questions in RPM-SPEC
- RPM Specfile wrong dependancy version resolved during dnf install
- Generated RPM has requirement on files it contains but doesn't provide them
- rpmbuild -bs fails for Illegal character
- YUM Dependency resolving with multiple RPMs that have the same Provides Claim
- Multiple python3 versions inside RPM package with .spec file
- How to preset service instances in RPM spec
- Editing spec file for build to pick up online html doc package in new location
- how to satisfy rpm user and group dependencies that already exist?
- rpm2cpio doesn't show every file included in the RPM package
- RPMbuild force dependency to specific RPM in built RPM
- how to solve the problem "New unsatisfied dependencies found:/usr/bin/bustle-dbus-monitor" using the %filter_from_requires macro in specfile
- how to invalidate obsoletes dependency during update
- Dynamic Requires section in RPM based on installation environment
- How do I add informations about bugfixes or security fixes to rpm spec files?
- Build a RedHat RPM from a tar file
Related Questions in LINUX-CAPABILITIES
- why does creating a file fail after CAP_DAC_OVERRIDE is dropped?
- Using setcap [capabilities] in cross-compiled platform
- Attempt to elevate to chroot capabilities but fails, WHY?
- Is there any limitation of capN for setcap?
- Cannot add process permitted capabilities through file permitted
- Unable to drop all capabilities but CAP_SETUID
- Setting cap_net_bind_service=+ep flag to Java executable changes Tomcat GC logging verbosity in IntelliJ
- How to debug an application in a kube pod with gdb without capabilities, CRD or privileged user?
- Changing capabilities of the process
- Java - can't start program with open socket capability
- What is the Linux capability(7) to write to /proc/sys/net/ipv6/conf/$IF/disable_ipv6?
- SetCap with NFS
- linux perf: how to enable perf permission for specific users?
- gitea setcap setcap cap_net_bind_service=+ep notworking in podman
- Linux capabilities for container to update file atime programmatically
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
There is a spec file macro for setting capabilities,
%caps; for some reason this seems to be mainly documented in the release notes and changelogs, so it took a while for me to find it.It's used like this in the spec file:
To get
make installto usesetcaponly when invoked by root, you can do something like this: