cap_emulate_setxuid

Name:ap_emulate_setxuid() fixes the effective / permitted capabilities of* a process after a call to setuid, setreuid, or setresuid.* 1) When set*uiding _from_ one of {r,e,s}uid == 0 _to_ all of* {r,e,s}uid != 0, the permitted and effective capabilities are

Proto:static inline void cap_emulate_setxuid(struct cred *new, const struct cred *old)

Type:void

Parameter:

Type	Parameter	Name
struct cred *	new
const struct cred *	old

999

root_uid = make_kuid - Map a user-namespace uid pair into a kuid

1001

If ( uid_eq( real UID of the task , root_uid) || uid_eq( effective UID of the task , root_uid) || uid_eq( saved UID of the task , root_uid)) && Not uid_eq( real UID of the task , root_uid) && Not uid_eq( effective UID of the task , root_uid) && Not uid_eq( saved UID of the task , root_uid) Then

1007

If Not issecure(When set, a process can retain its capabilities even aftertransitioning to a non-root user (the set-uid fixup suppressed bybit 2). Bit-4 is cleared when a process calls exec(); setting bothbit 4 and 5 will create a barrier through exec that no exec()'d) Then

1008

cap_clear( caps we're permitted )

1009

cap_clear( caps we can actually use )

1017

cap_clear( Ambient capability set )

1019

If uid_eq( effective UID of the task , root_uid) && Not uid_eq( effective UID of the task , root_uid) Then cap_clear( caps we can actually use )

1021

If Not uid_eq( effective UID of the task , root_uid) && uid_eq( effective UID of the task , root_uid) Then caps we can actually use = caps we're permitted

**Caller**
Name	Describe
cap_task_fix_setuid	ap_task_fix_setuid - Fix up the results of setuid() call@new: The proposed credentials@old: The current task's current credentials@flags: Indications of what has changed Fix up the results of setuid() call before the credential changes are

Source code conversion tool public plug-in interface	X
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion

Function report