ObjectiveFS supports file capabilities in versions 6.5 and newer.
Linux capabilities separates system access into different categories that can be independently enabled and disabled. Linux file capabilities allows enabling the different system permissions on a per-executable file basis.
To use ObjectiveFS with capabilities, mount your filesystem as usual (with suid
enabled) on your Linux server and run the corresponding capabilities command.
Set the CAP_NET_RAW
capability on file /ofs/ping
to effective, inhertable and permitted:
# sudo setcap cap_net_raw=eip /ofs/ping
Check the capabilities set on a file:
# getcap /ofs/ping
Remove all capabilities from a file:
# setcap -r /ofs/ping
by ObjectiveFS staff, November 26, 2019
ObjectiveFS is a shared file system for Linux and OS X that automatically scales and gives you scalable cloud storage.
If you have questions or article idea suggestions, please email us at support@objectivefs.com