capget - Linux


The capget command retrieves the effective capabilities of a specified process or user. It is a versatile tool for examining capability configurations in Linux systems.


capget [options] <pid>
capget [options] <user>


  • -c: Display capabilities in a human-readable format instead of numeric.
  • -e: Retrieve capabilities for the invoking process or user if no target is specified.
  • -v: Verbose mode for additional information about retrieved capabilities.


Get capabilities of a PID:

capget 1234

Get capabilities of a user:

capget -c alice

Determine if a process has a specific capability:

capget -v -c 1234 | grep CAP_NET_ADMIN

Common Issues

  • Permission denied: Ensure you have sufficient privileges (e.g., root user) to retrieve capabilities.
  • No running process: Specify a valid PID when targeting a process.
  • User not found: Verify the existence of the user specified as a target.


  • Use capget with setcap to modify capabilities of a file or process.
  • Integrate capget into shell scripts to automate capability management tasks.

Related Commands

  • setcap: Modify the capabilities of a file or process.
  • cap_mkremap: Create a new capability mapping.
  • Kernel Capabilities: Official Linux kernel documentation on capabilities.