|
Open SCAP Library
|
process58-capability.h
00001 #pragma once 00002 00003 #ifndef OPENSCAP_OVAL_PROBE_PROCESS58_CAPABILITY_H_ 00004 #define OPENSCAP_OVAL_PROBE_PROCESS58_CAPABILITY_H_ 00005 00006 /* map based on OVAL and /usr/include/linux/capability.h 00007 * not all capabilities from capability.h are allowed in OVAL */ 00008 #define OVAL_5_8_MAX_CAP_ID 33 00009 #define OVAL_5_11_MAX_CAP_ID 38 00010 static const struct oscap_string_map CapabilityType[] = { 00011 {0, "CAP_CHOWN"}, 00012 {1, "CAP_DAC_OVERRIDE"}, 00013 {2, "CAP_DAC_READ_SEARCH"}, 00014 {3, "CAP_FOWNER"}, 00015 {4, "CAP_FSETID"}, 00016 {5, "CAP_KILL"}, 00017 {6, "CAP_SETGID"}, 00018 {7, "CAP_SETUID"}, 00019 {8, "CAP_SETPCAP"}, 00020 {9, "CAP_LINUX_IMMUTABLE"}, 00021 {10, "CAP_NET_BIND_SERVICE"}, 00022 {11, "CAP_NET_BROADCAST"}, 00023 {12, "CAP_NET_ADMIN"}, 00024 {13, "CAP_NET_RAW"}, 00025 {14, "CAP_IPC_LOCK"}, 00026 {15, "CAP_IPC_OWNER"}, 00027 {16, "CAP_SYS_MODULE"}, 00028 {17, "CAP_SYS_RAWIO"}, 00029 {18, "CAP_SYS_CHROOT"}, 00030 {19, "CAP_SYS_PTRACE"}, 00031 {21, "CAP_SYS_ADMIN"}, 00032 {22, "CAP_SYS_BOOT"}, 00033 {23, "CAP_SYS_NICE"}, 00034 {24, "CAP_SYS_RESOURCE"}, 00035 {25, "CAP_SYS_TIME"}, 00036 {26, "CAP_SYS_TTY_CONFIG"}, 00037 {27, "CAP_MKNOD"}, 00038 {28, "CAP_LEASE"}, 00039 {29, "CAP_AUDIT_WRITE"}, 00040 {30, "CAP_AUDIT_CONTROL"}, 00041 {31, "CAP_SETFCAP"}, 00042 {32, "CAP_MAC_OVERRIDE"}, 00043 {33, "CAP_MAC_ADMIN"}, 00044 /* New capabilities in OVAL 5.11 */ 00045 {34, "CAP_SYS_PACCT"}, 00046 {35, "CAP_SYSLOG"}, 00047 {36, "CAP_WAKE_ALARM"}, 00048 {37, "CAP_BLOCK_SUSPEND"}, 00049 {38, "CAP_AUDIT_READ"}, 00050 {-1, NULL} 00051 }; 00052 00053 #endif
