Skip to content

Feature request - Add file.capabilities (Linux) #1020

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

Feature request - Add file.capabilities (Linux) #1020

wants to merge 1 commit into from

Conversation

@ahuret
Copy link

@ahuret ahuret commented Mar 14, 2025
edited by github-actions bot
Loading

Checklist
  • make test-all (UNIX) passes. CI will also test this
  • unit and/or integration tests are included (if applicable)
  • documentation is changed or added (if applicable)

Description of change

This is a new test feature included in file test called capabilities.
It aims to add a simple way to test for file Linux effective capabilities .
The test uses this Golang package https://github.com/syndtr/gocapability .

Usage:

file:
  my-file:
    exists: true
    capabilities:
        - 38 # CAP_PERFMON
        - 21 # CAP_SYS_ADMIN

It will test if the file has the capabilities CAP_PERFMON and CAP_SYS_ADMIN, if not the test fails.
One problem with that is to use the enum syntax to describe capabilities (see caps enums). I think it would be easier for user to write the name of the capability instead of a number but it requires to add code to transform enum in string, so I was not sure about it in term of code simplicity.

This PR is related to this issue #971 .

📚 Documentation preview 📚: https://goss--1020.org.readthedocs.build/en/1020/

titouanj added a commit to alumet-dev/packaging that referenced this pull request Apr 16, 2025
@titouanj
ci(dgoss): add a check on binary capabilities
368c637 
Using the command function for the moment. Will use the capabiliy one when goss-org/goss#1020 is merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aelsabbahy aelsabbahy Awaiting requested review from aelsabbahy aelsabbahy will be requested when the pull request is marked ready for review aelsabbahy is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ahuret