capabilities – Manage Linux capabilities¶
New in version 1.6.
Parameters¶
Parameter | Choices/Defaults | Comments |
---|---|---|
capability
-
/ required
|
Desired capability to set (with operator and flags, if state is
present ) or remove (if state is absent )aliases: cap |
|
path
-
/ required
|
Specifies the path to the file to be managed.
|
|
state
-
|
|
Whether the entry should be present or absent in the file's capabilities.
|
Notes¶
Note
- The capabilities system will automatically transform operators and flags into the effective set, so (for example, cap_foo=ep will probably become cap_foo+ep). This module does not attempt to determine the final operator and flags to compare, so you will want to ensure that your capabilities argument matches the final capabilities.
Examples¶
- name: Set cap_sys_chroot+ep on /foo
capabilities:
path: /foo
capability: cap_sys_chroot+ep
state: present
- name: Remove cap_net_bind_service from /bar
capabilities:
path: /bar
capability: cap_net_bind_service
state: absent
Status¶
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors¶
- Nate Coraor (@natefoo)
Hint
If you notice any issues in this documentation you can edit this document to improve it.