capng_print_caps_text - Linux


capng_print_caps_text is a command-line tool that displays the Capability NG (cap_ng) capabilities of a file, process, or thread in human-readable text format. Cap_ng is a modern alternative to the traditional POSIX.1e capabilities system and provides finer-grained control over process privileges.


capng_print_caps_text [options] <target>


  • target is the path to a file, process ID, or thread ID for which to display capabilities.


  • -F: Display capabilities in a format suitable for parsing by the capng_set_caps_text command.
  • -S: Display capabilities in a format suitable for parsing by the seccomp_ruleset command.
  • -q: Quiet mode – only print capabilities that differ from the initial set.
  • -v: Verbose mode – print additional information about capabilities.


To display the capabilities of a file:

capng_print_caps_text /bin/bash

To display the capabilities of a process:

capng_print_caps_text 1234

To display the capabilities of a thread:

capng_print_caps_text -v 1234:1

Common Issues

  • Error: Unknown file type: This error occurs when the specified file is not a file, process, or thread. Ensure that the target is a valid object type.
  • Error: Permission denied: This error occurs when the user does not have sufficient permissions to access the target or view its capabilities. Check permissions and ensure the user has necessary access rights.


capng_print_caps_text can be integrated into scripts or command chains for automating tasks related to capability management:

  • Combine with capng_set_caps_text to modify capabilities of a target.
  • Use with seccomp_ruleset to analyze capabilities and create seccomp filter rules.

Related Commands

  • setcap: Set POSIX.1e capabilities on a file.
  • capng_set_caps_text: Set cap_ng capabilities on a target.
  • seccomp_ruleset: Generate seccomp filter rules based on capabilities.