libcap_netdb(3) manual page

Manual Pages — CAP_NETDB

NAME

cap_getprotobyname, – library for getting network proto entry in capability mode

LIBRARY

libcap_netdb

SYNOPSIS

#include <sys/nv.h>

#include <libcasper.h>

#include <casper/cap_netdb.h>

struct protoent *
cap_getprotobyname(const cap_channel_t *chan, const char *name);

DESCRIPTION

The function cap_getprotobyname() is equivalent to getprotobyname(3) except that the connection to the system.netdb service needs to be provided. It is reentrant but not thread-safe. That is, it may be called from separate threads only with different cap_channel_t arguments or with synchronization.

EXAMPLES

The following example first opens a capability to casper and then uses this capability to create the system.netdb casper service and uses it to look up a protocol by name.

cap_channel_t *capcas, *capnetdb;
struct protoent *ent;

/* Open capability to Casper. */
capcas = cap_init();
if (capcas == NULL)
        err(1, "Unable to contact Casper");

/* Enter capability mode sandbox. */
if (caph_enter() < 0)
        err(1, "Unable to enter capability mode");

/* Use Casper capability to create capability to the system.netdb service. */
capnetdb = cap_service_open(capcas, "system.netdb");
if (capnetdb == NULL)
        err(1, "Unable to open system.netdb service");

/* Close Casper capability, we don't need it anymore. */
cap_close(capcas);

ent = cap_getprotobyname(capnetdb, "http");
if (ent == NULL)
       errx(1, "cap_getprotobyname failed to find http proto");

AUTHORS

The cap_netdb service was implemented by Ryan Moeller <Mt freqlabs@FreeBSD.org>.

CAP_NETDB (3)

December 6, 2023

Please direct any comments about this manual page service to Ben Bullock. Privacy policy.

“	Do you laugh when the waiter drops a tray full of dishes? Unix weenies do. They're the first ones to laugh at hapless users, trying to figure out an error message that doesn't have anything to do with what they just typed.	”
— The Unix Haters' handbook