What is the use of cap_set_proc() if the program needs to be run as root


I am trying to unmount a usb-storage device through a C++ program, using the umount2() function. Since umount2() needs administrative privileges, I implemented umount2() with cap_set_proc() as follows:

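  #include <sys/capability.h>  // libcap: cap_get_proc(), cap_set_flag(), cap_set_proc(); link with -lcap
  #include <sys/mount.h>       // umount2(), MNT_DETACH
  #include <cerrno>
  #include <chrono>
  #include <cstring>
  #include <iostream>
  #include <thread>

  int main()
  {
    cap_t caps;
    cap_value_t cap_list[1];
    // Fetch the current capability sets of this process
    caps = cap_get_proc();
    if (caps == NULL)
        std::cout << "cap_get_proc failed: " << strerror(errno) << std::endl;
    cap_list[0] = CAP_SYS_ADMIN;
    // Request CAP_SYS_ADMIN in the effective set
    if (cap_set_flag(caps, CAP_EFFECTIVE, 1, cap_list, CAP_SET) == -1)
        std::cout << "cap_set_flags failed: " << strerror(errno) << std::endl;
    // Apply the modified sets to the running process
    if (cap_set_proc(caps) == -1)
        std::cout << "cap_set_proc failed: " << strerror(errno) << std::endl;
    else
    {
      // Retry the lazy unmount every 2 seconds until it succeeds
      while(umount2("/media/user/usb_storage_device", MNT_DETACH))
      {
        std::cout << "ERROR: " << strerror(errno) << std::endl;
        std::this_thread::sleep_for (std::chrono::seconds(2));
      }
      std::cout << "Unmounted!" << std::endl;
    }
    if (cap_free(caps) == -1)
        std::cout << "cap_free failed: " << strerror(errno) << std::endl;
    return 0;
  }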

But when I run the above code as a normal user I get the error:

"cap_set_proc failed: Operation not permitted"

But if I run the code as root, the usb-storage device is unmounted successfully. So my question is, what is the use of using cap_set_proc() to provide administrative privileges, if the cap_set_proc() function itself needs root privileges to execute? Am I doing something wrong here?

Also, is it possible to actually use cap_set_proc() without executing the program with sudo?

Please help.

There are 0 answers
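
Background to the question above, as an added example that is not part of the original post: cap_set_proc() is libcap's wrapper around capset(2), and the kernel only lets a process raise a capability in its effective set if that capability is already in its permitted set, which is empty for an ordinary user's process. The sketch below uses the raw capget/capset syscalls instead of libcap so it builds without -lcap; `CapSets`, `read_caps`, `can_raise_effective` and `raise_effective` are hypothetical helper names.

```cpp
#include <cerrno>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <linux/capability.h>
#include <sys/syscall.h>
#include <unistd.h>

struct CapSets { uint64_t effective, permitted, inheritable; };

// Read the calling thread's capability sets with the raw capget(2) syscall.
bool read_caps(CapSets &out) {
    __user_cap_header_struct hdr = {_LINUX_CAPABILITY_VERSION_3, 0};
    __user_cap_data_struct d[_LINUX_CAPABILITY_U32S_3] = {};
    if (syscall(SYS_capget, &hdr, d) != 0) return false;
    out.effective   = d[0].effective   | (uint64_t)d[1].effective   << 32;
    out.permitted   = d[0].permitted   | (uint64_t)d[1].permitted   << 32;
    out.inheritable = d[0].inheritable | (uint64_t)d[1].inheritable << 32;
    return true;
}

// Kernel rule: the new effective set must be a subset of the permitted set.
bool can_raise_effective(const CapSets &s, int cap) {
    return ((s.permitted >> cap) & 1u) != 0;
}

// Add `cap` to the effective set only; returns 0 or the errno from capset(2).
int raise_effective(CapSets s, int cap) {
    s.effective |= uint64_t(1) << cap;
    __user_cap_header_struct hdr = {_LINUX_CAPABILITY_VERSION_3, 0};
    __user_cap_data_struct d[_LINUX_CAPABILITY_U32S_3];
    for (int i = 0; i < _LINUX_CAPABILITY_U32S_3; ++i) {
        d[i].effective   = uint32_t(s.effective   >> (32 * i));
        d[i].permitted   = uint32_t(s.permitted   >> (32 * i));
        d[i].inheritable = uint32_t(s.inheritable >> (32 * i));
    }
    return syscall(SYS_capset, &hdr, d) == 0 ? 0 : errno;
}

int main() {
    CapSets s{};
    if (!read_caps(s)) { perror("capget"); return 1; }
    printf("permitted=%#llx effective=%#llx\n",
           (unsigned long long)s.permitted, (unsigned long long)s.effective);
    bool allowed = can_raise_effective(s, CAP_SYS_ADMIN);
    int err = raise_effective(s, CAP_SYS_ADMIN);
    printf("CAP_SYS_ADMIN permitted: %s, capset: %s\n",
           allowed ? "yes" : "no", err ? strerror(err) : "ok");
    return 0;
}
```

Run as an ordinary user, this reports an empty permitted set and the same "Operation not permitted" result; the permitted set has to come from outside the process, for example from file capabilities assigned to the executable with setcap.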