cap man page on Plan9

Man page or keyword search:  
man Server   549 pages
apropos Keyword Search (all sections)
Output format
Plan9 logo
[printable version]

CAP(3)									CAP(3)

       cap - capabilities for setting the user id of processes

       bind #¤ dir


       This  device  enables  a	 trusted  process  to create a capability that
       another process may then use to change its user id.  The intent	is  to
       allow  server processes, for example telnetd (see ipserv(8)), to change
       their user id after having proved to a trusted process, such as	facto‐
       tum(4),	that they are indeed executing on behalf of a user.  A trusted
       process is one running  with  the  user	id  of	the  host  owner  (see
       /dev/hostowner in cons(3)).

       A  capability  is a null terminated string consisting of the concatena‐
       tion of an old user name, an ``@'', a new user name, an	``@'',	and  a
       string  of  randomly  generated characters called the key.  The trusted
       process enables the kernel to authenticate capabilities passed to it by
       writing	to  caphash  a	secure hash of the capability.	The hash is 20
       bytes long and generated by the following call:

	    hmac_sha1(old_at_new, strlen(old_at_new), key, strlen(key),
		 hash, nil);

       The kernel maintains a list of hashes, freeing them  after  the	corre‐
       sponding	 capability  is	 used  or  after a minute has passed since the
       write to caphash.

       The trusted process may then pass the capability to any process running
       as  the	old  user.  That process may then use the capability to change
       identity to the new user.  A process uses a capability by writing it to
       capuse.	 The kernel computes the same hash using the supplied capabil‐
       ity and searches its list of hashes for a match.	 If one is found,  the
       kernel sets the process's user id to that in the capability.



       Errors  generated  by  reading  and  writing  caphash and capuse can be
       obtained using errstr(2).  A read of caphash with a length of less than
       20 or a write to capuse that doesn't contain two @ characters generates
       the error ``read or write too small''.  A write to capuse that  has  no
       matching hash generates the error ``invalid capability''.

                             _         _         _ 
                            | |       | |       | |     
                            | |       | |       | |     
                         __ | | __ __ | | __ __ | | __  
                         \ \| |/ / \ \| |/ / \ \| |/ /  
                          \ \ / /   \ \ / /   \ \ / /   
                           \   /     \   /     \   /    
                            \_/       \_/       \_/ 
More information is available in HTML format for server Plan9

List of man pages available for Plan9

Copyright (c) for man pages and the logo by the respective OS vendor.

For those who want to learn more, the polarhome community provides shell access and support.

[legal] [privacy] [GNU] [policy] [cookies] [netiquette] [sponsors] [FAQ]
Polarhome, production since 1999.
Member of Polarhome portal.
Based on Fawad Halim's script.
Vote for polarhome
Free Shell Accounts :: the biggest list on the net