| 84 | } |
| 85 | |
| 86 | func Capabilities(pid int) (map[string]struct{}, map[string]struct{}, error) { |
| 87 | caps, err := capability.NewPid(pid) |
| 88 | if err != nil { |
| 89 | return nil, nil, err |
| 90 | } |
| 91 | |
| 92 | all := capability.List() |
| 93 | |
| 94 | active := map[string]struct{}{} |
| 95 | for _, cap := range all { |
| 96 | if caps.Get(capability.EFFECTIVE, cap) { |
| 97 | active[cap.String()] = struct{}{} |
| 98 | } |
| 99 | } |
| 100 | |
| 101 | max := map[string]struct{}{} |
| 102 | for _, cap := range all { |
| 103 | if caps.Get(capability.PERMITTED, cap) { |
| 104 | max[cap.String()] = struct{}{} |
| 105 | } |
| 106 | } |
| 107 | |
| 108 | return active, max, nil |
| 109 | } |
| 110 | |
| 111 | func IsDefaultCapSet(set map[string]struct{}) bool { |
| 112 | if len(set) != len(DefaultCapStrings) { |