[PATCH 11/16] Manual pages: capsh.1: Correct/update the Cap field example for /proc/PID/status

Michael Kerrisk (man-pages) mtk.manpages at gmail.com
Thu Jul 16 10:18:22 UTC 2020

The /proc/1/status output shown for --decode=N is bogus
(e.g., ffffffffffffffff == 64 capability bits). Furthermore,
showing CAP_SETPCAP as missing from CapEff is historical,
and ceased to be actual more than 10 years ago.

Replace with a more current example, and also add the CapAmb field.

This change renders some of the following text obsolete;
that will be fixed in the next patch.

Signed-off-by: Michael Kerrisk (man-pages) <mtk.manpages at gmail.com>
 doc/capsh.1 | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/doc/capsh.1 b/doc/capsh.1
index 522e719..916353a 100644
--- a/doc/capsh.1
+++ b/doc/capsh.1
@@ -198,10 +198,11 @@ This is a convenience feature. If you look at
 there are some capability related fields of the following form:
- CapInh:	0000000000000000
- CapPrm:	ffffffffffffffff
- CapEff:	fffffffffffffeff
- CapBnd:	ffffffffffffffff
+CapInh:	0000000000000000
+CapPrm:	0000003fffffffff
+CapEff:	0000003fffffffff
+CapBnd:	0000003fffffffff
+CapAmb:	0000000000000000
 This option provides a quick way to decode a capability vector

More information about the Linux-security-module-archive mailing list