Linux capabilities were introduced in kernel 2.2, while Namespaces in kernel 3.8 (by introduction I just mean introduction, and not the final implementation of the feature, which sometimes takes a lot of releases). Two technologies separated so far apa...
Debugging Linux kernel using virtual machine - Qemu monitor and GDB
This method to debug kernel uses the inbuilt gdb server exposed by Qemu for a running virtual machine. This is superior to just running gdb on the kernel, since Qemu monitor provides many more options.
A. Preparation
Tell Qemu to provide a way to conn...
Finding capabilities from inside Linux kernel
Problem statement -
You have to find (print) the capabilities of a process from inside the kernel.
Since you are inside Linux Kernel you cannot use user space utilities(shell commands) to get capabilities, neither do you have user space library calls c...
LXC, Linux capabilities, and Kernel Modules
By default LXC drops the following capabilities from container.mac_adminmac_overridesys_timesys_modulesys_rawioAs can be seen in the following line from "/usr/share/lxc/config/common.conf".
# Drop some harmful capabilities
lxc.cap.drop = mac_admin mac...
Linux capabilities list
Linux v4.7
The numbers these capabilities are defined to indicate there bit positions in the memory area where a capability set is stored.
For example,
#define CAP_AUDIT_READ 37This means that if a location of X bytes is used for storing capability...
sahil singh
Thoughts on Linux