ObjectiveFS Linux File Capabilities Support

ObjectiveFS supports file capabilities in versions 6.5 and newer.

Background on Linux Capabilities

Linux capabilities separates system access into different categories that can be independently enabled and disabled. Linux file capabilities allows enabling the different system permissions on a per-executable file basis.

Usage

To use ObjectiveFS with capabilities, mount your filesystem as usual (with suid enabled) on your Linux server and run the corresponding capabilities command.

Examples

  1. Set the CAP_NET_RAW capability on file /ofs/ping to effective, inhertable and permitted:

    # sudo setcap cap_net_raw=eip /ofs/ping

  2. Check the capabilities set on a file:

    # getcap /ofs/ping

  3. Remove all capabilities from a file:

    # setcap -r /ofs/ping

by ObjectiveFS staff, November 26, 2019
ObjectiveFS is a shared file system for Linux and OS X that automatically scales and gives you scalable cloud storage. If you have questions or article idea suggestions, please email us at support@objectivefs.com