capset_linux.go

Documentation: github.com/datawire/ambassador/v2/cmd/capabilities_wrapper

     1  package main
     2  
     3  import (
     4  	"os"
     5  
     6  	"golang.org/x/sys/unix"
     7  )
     8  
     9  func capset() error {
    10  	header := unix.CapUserHeader{
    11  		Version: unix.LINUX_CAPABILITY_VERSION_3,
    12  		Pid:     int32(os.Getpid()),
    13  	}
    14  	data := unix.CapUserData{}
    15  	if err := unix.Capget(&header, &data); err != nil {
    16  		return err
    17  	}
    18  
    19  	data.Inheritable = (1 << unix.CAP_NET_BIND_SERVICE)
    20  
    21  	if err := unix.Capset(&header, &data); err != nil {
    22  		return err
    23  	}
    24  
    25  	return nil
    26  }
    27

View as plain text