1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
[[!meta copyright="Copyright © 2009 Free Software Foundation, Inc."]]
[[!meta license="""[[!toggle id="license" text="GFDL 1.2+"]][[!toggleable
id="license" text="Permission is granted to copy, distribute and/or modify this
document under the terms of the GNU Free Documentation License, Version 1.2 or
any later version published by the Free Software Foundation; with no Invariant
Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license
is included in the section entitled
[[GNU Free Documentation License|/fdl]]."]]"""]]
[[!meta title="Implementing libcap"]]
libcap is a library providing the API to access POSIX capabilities. These allow
giving various kinds of specific privileges to individual users, without giving
them full root permissions.
Although the Hurd design should facilitate implementing such features in a quite
natural fashion, there is no support for POSIX capabilities yet. As a
consequence, libcap is not available on the Hurd, and thus various packages
using it can not be easily built in Debian GNU/Hurd.
The first goal of this project is implementing a dummy libcap, which doesn't
actually do anything useful yet, but returns appropriate status messages, so
program using the library can be built and run on Debian GNU/Hurd.
Having this, actual support for at least some of the capabilities should be
implemented, as time permits. This will require some digging into Hurd
internals.
Some knowledge of POSIX capabilities will need to be obtained, and for the
latter part also some knowledge about the Hurd architecture. This project is
probably doable without previous experience with either, though.
David Hedberg applied for this project in 2010,
and though he didn't go through with it,
he fleshed out many [[libcap/details]].
Possible mentors: Samuel Thibault (youpi)
Exercise: Make libcap compile on Debian GNU/Hurd. It doesn't need to actually
do anything yet -- just make it build at all for now.
|