From 688059ebb23227fb13aad319df6e78686ea6e14a Mon Sep 17 00:00:00 2001 From: Philippe Reynes Date: Wed, 29 Jun 2016 17:19:44 +0200 Subject: makedevs: add capability support Add the support of capability to makedevs as extended attribute. Now, it's possible to add a line "|xattr " after a file description to also add a capability to this file. It's possible to add severals capabilities with severals lines. [Peter: extend doc, reword Config.in, extend error message, use HOST_MAKEDEVS_CFLAGS/LDFLAGS for all flags] Signed-off-by: Philippe Reynes Signed-off-by: Peter Korsgaard --- docs/manual/makedev-syntax.txt | 30 ++++++++++++++++++++++++++++++ 1 file changed, 30 insertions(+) (limited to 'docs/manual') diff --git a/docs/manual/makedev-syntax.txt b/docs/manual/makedev-syntax.txt index e4dffc95aa..d6efb31d42 100644 --- a/docs/manual/makedev-syntax.txt +++ b/docs/manual/makedev-syntax.txt @@ -71,3 +71,33 @@ and then for device files corresponding to the partitions of /dev/hda b 640 root root 3 1 1 1 15 ---- +Extended attributes are supported if ++BR2_ROOTFS_DEVICE_TABLE_SUPPORTS_EXTENDED_ATTRIBUTES+ is enabled. +This is done by adding a line starting with +|xattr+ after +the line describing the file. Right now, only capability +is supported as extended attribute. + +|===================== +| \|xattr | capability +|===================== + +- +|xattr+ is a "flag" that indicate an extended attribute +- +capability+ is a capability to add to the previous file + +If you want to add the capability cap_sys_admin to the binary foo, +you will write : + +---- +/usr/bin/foo f 755 root root - - - - - +|xattr cap_sys_admin+eip +---- + +You can add several capabilities to a file by using several +|xattr+ lines. +If you want to add the capability cap_sys_admin and cap_net_admin to the +binary foo, you will write : + +---- +/usr/bin/foo f 755 root root - - - - - +|xattr cap_sys_admin+eip +|xattr cap_net_admin+eip +---- -- cgit v1.2.3