cap_from_text - Linux
Overview
cap_from_text converts a text representation of capabilities into a hexadecimal string. Capabilities are special privileges that can be granted to processes or files, and are often used to enhance security or control access to system resources.
Syntax
cap_from_text [OPTIONS] <CAPABILITY_LIST>
Options/Flags
- -e, –extended: Use extended capabilities (only available on Linux 3.4 and later)
- -v, –verbose: Display verbose output
- -h, –help: Display help and usage information
Examples
To convert the text representation of the CAP_SYS_ADMIN capability into hexadecimal:
$ cap_from_text CAP_SYS_ADMIN
00000000000000000000000000000001
To convert a list of multiple capabilities:
$ cap_from_text CAP_SYS_ADMIN CAP_NET_ADMIN
00000000000000000000000000000011
To use extended capabilities (Linux 3.4+):
$ cap_from_text --extended CAP_SYS_NICE
00000000000000000000000000000200
Common Issues
- Ensure that the specified capability is supported on your system. Use cap_get_proc(2) to check for available capabilities.
- If the output hexadecimal string is too long, use cut or sed to format it:
$ cap_from_text CAP_SYS_ADMIN | cut -c1-28
000000000000000000000000000000
Integration
cap_from_text can be used with other commands, such as setcap(8) and getcap(8), to manage capabilities. For instance, to set the capabilities of a file:
$ cap_from_text CAP_DAC_READ_SEARCH | setcap --cap-value= CAP_FILE /path/to/file
Related Commands
- setcap(8): Set capabilities on files
- getcap(8): Get capabilities from files
- cap_get_proc(2): Get capabilities of a process