capabilities – Manage Linux capabilities

From Get docs
Ansible/docs/2.8/modules/capabilities module


capabilities – Manage Linux capabilities

Synopsis

  • This module manipulates files privileges using the Linux capabilities(7) system.

Parameters

Parameter Choices/Defaults Comments

capability

string / required

Desired capability to set (with operator and flags, if state is present) or remove (if state is absent)


aliases: cap

path

string / required

Specifies the path to the file to be managed.


aliases: key

state

string

  • absent
  • present

Whether the entry should be present or absent in the file's capabilities.



Notes

Note

  • The capabilities system will automatically transform operators and flags into the effective set, so for example, cap_foo=ep will probably become cap_foo+ep.
  • This module does not attempt to determine the final operator and flags to compare, so you will want to ensure that your capabilities argument matches the final capabilities.


Examples

- name: Set cap_sys_chroot+ep on /foo
  capabilities:
    path: /foo
    capability: cap_sys_chroot+ep
    state: present

- name: Remove cap_net_bind_service from /bar
  capabilities:
    path: /bar
    capability: cap_net_bind_service
    state: absent

Status

Authors

  • Nate Coraor (@natefoo)

Hint

If you notice any issues in this documentation you can edit this document to improve it.


© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/capabilities_module.html