Linux From Scratch - Version SVN-20150308

Chapter 6. Installing Basic System Software

6.26. Libcap-2.24

The Libcap package implements the user-space interfaces to the POSIX 1003.1e capabilities available in Linux kernels. These capabilities are a partitioning of the all powerful root privilege into a set of distinct privileges.

Approximate build time: less than 0.1 SBU
Required disk space: 1.8 MB

6.26.1. Installation of Libcap

6.26.2. 32-bit Installation

Compile the 32-bit package: 

make CC="gcc -m32"

This package does not come with a test suite.

Install the package: 

make RAISE_SETFCAP=no \
     prefix=/usr      \
     LIBDIR=/usr/lib32 \
     CC="gcc -m32"    \
     install
chmod -v 755 /usr/lib32/libcap.so

The meaning of the make option:

RAISE_SETFCAP=no

This parameter skips trying to use setcap on itself. This avoids an installation error if the kernel or file system does not support extended capabilities.

The shared library needs to be moved to /lib32, and as a result the .so file in /usr/lib32 will need to be recreated: 

mv -v /usr/lib32/libcap.so.* /lib32
ln -sfv ../../lib32/$(readlink /usr/lib32/libcap.so) /usr/lib32/libcap.so

Clean up the build directory before moving on to the next platform: 

make clean

6.26.3. x32 ABI Installation

Compile the x32 ABI package: 

make CC="gcc -mx32"

This package does not come with a test suite.

Install the package: 

make RAISE_SETFCAP=no \
     prefix=/usr      \
     LIBDIR=/usr/libx32 \
     CC="gcc -mx32"    \
     install
chmod -v 755 /usr/libx32/libcap.so

The meaning of the make option:

RAISE_SETFCAP=no

This parameter skips trying to use setcap on itself. This avoids an installation error if the kernel or file system does not support extended capabilities.

The shared library needs to be moved to /libx32, and as a result the .so file in /usr/libx32 will need to be recreated: 

mv -v /usr/libx32/libcap.so.* /libx32
ln -sfv ../../libx32/$(readlink /usr/libx32/libcap.so) /usr/libx32/libcap.so

Clean up the build directory before moving on to the next platform: 

make clean

6.26.4. 64-bit Installation

Compile the 64-bit package: 

make

This package does not come with a test suite.

Install the package: 

make RAISE_SETFCAP=no prefix=/usr install
chmod -v 755 /usr/lib/libcap.so

The meaning of the make option:

RAISE_SETFCAP=no

This parameter skips trying to use setcap on itself. This avoids an installation error if the kernel or file system does not support extended capabilities.

The shared library needs to be moved to /lib, and as a result the .so file in /usr/lib will need to be recreated: 

mv -v /usr/lib/libcap.so.* /lib
ln -sfv ../../lib/$(readlink /usr/lib/libcap.so) /usr/lib/libcap.so

6.26.5. Contents of Libcap

Installed programs: capsh, getcap, getpcaps, and setcap
Installed library: libcap.{a,so}

Short Descriptions

capsh

A shell wrapper to explore and constrain capability support

getcap

Examines file capabilities

getpcaps

Displays the capabilities on the queried process(es)

libcap

Contains the library functions for manipulating POSIX 1003.1e capabilities