5 files changed, 185 insertions, 10 deletions
diff --git a/src/basic/cap-list.c b/src/basic/cap-list.c
new file mode 100644
index 000000000..124641f94
--- /dev/null
+++ b/src/basic/cap-list.c
@@ -0,0 +1,131 @@
+/***
+  This file is part of systemd.
+
+  Copyright 2014 Lennart Poettering
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+#include <errno.h>
+#include <string.h>
+
+#include "alloc-util.h"
+#include "capability-util.h"
+#include "cap-list.h"
+#include "extract-word.h"
+#include "macro.h"
+#include "missing.h"
+#include "parse-util.h"
+#include "util.h"
+
+static const struct capability_name* lookup_capability(register const char *str, register GPERF_LEN_TYPE len);
+
+#include "cap-from-name.h"
+#include "cap-to-name.h"
+
+const char *capability_to_name(int id) {
+
+        if (id < 0)
+                return NULL;
+
+        if (id >= (int) ELEMENTSOF(capability_names))
+                return NULL;
+
+        return capability_names[id];
+}
+
+int capability_from_name(const char *name) {
+        const struct capability_name *sc;
+        int r, i;
+
+        assert(name);
+
+        /* Try to parse numeric capability */
+        r = safe_atoi(name, &i);
+        if (r >= 0 && i >= 0)
+                return i;
+
+        /* Try to parse string capability */
+        sc = lookup_capability(name, strlen(name));
+        if (!sc)
+                return -EINVAL;
+
+        return sc->id;
+}
+
+int capability_list_length(void) {
+        return (int) ELEMENTSOF(capability_names);
+}
+
+int capability_set_to_string_alloc(uint64_t set, char **s) {
+        _cleanup_free_ char *str = NULL;
+        unsigned long i;
+        size_t allocated = 0, n = 0;
+
+        assert(s);
+
+        for (i = 0; i < cap_last_cap(); i++)
+                if (set & (UINT64_C(1) << i)) {
+                        const char *p;
+                        size_t add;
+
+                        p = capability_to_name(i);
+                        if (!p)
+                                return -EINVAL;
+
+                        add = strlen(p);
+
+                        if (!GREEDY_REALLOC0(str, allocated, n + add + 2))
+                                return -ENOMEM;
+
+                        strcpy(mempcpy(str + n, p, add), " ");
+                        n += add + 1;
+                }
+
+        if (n != 0)
+                str[n - 1] = '\0';
+
+        *s = str;
+        str = NULL;
+
+        return 0;
+}
+
+int capability_set_from_string(const char *s, uint64_t *set) {
+        uint64_t val = 0;
+        const char *p;
+
+        assert(set);
+
+        for (p = s;;) {
+                _cleanup_free_ char *word = NULL;
+                int r;
+
+                r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES);
+                if (r == -ENOMEM)
+                        return r;
+                if (r <= 0)
+                        break;
+
+                r = capability_from_name(word);
+                if (r < 0)
+                        continue;
+
+                val |= ((uint64_t) UINT64_C(1)) << (uint64_t) r;
+        }
+
+        *set = val;
+
+        return 0;
+}
diff --git a/src/basic/cap-list.h b/src/basic/cap-list.h
new file mode 100644
index 000000000..f9f6b70d8
--- /dev/null
+++ b/src/basic/cap-list.h
@@ -0,0 +1,27 @@
+#pragma once
+
+/***
+  This file is part of systemd.
+
+  Copyright 2014 Lennart Poettering
+
+  systemd is free software; you can redistribute it and/or modify it
+  under the terms of the GNU Lesser General Public License as published by
+  the Free Software Foundation; either version 2.1 of the License, or
+  (at your option) any later version.
+
+  systemd is distributed in the hope that it will be useful, but
+  WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+  Lesser General Public License for more details.
+
+  You should have received a copy of the GNU Lesser General Public License
+  along with systemd; If not, see <http://www.gnu.org/licenses/>.
+***/
+
+const char *capability_to_name(int id);
+int capability_from_name(const char *name);
+int capability_list_length(void);
+
+int capability_set_to_string_alloc(uint64_t set, char **s);
+int capability_set_from_string(const char *s, uint64_t *set);
diff --git a/src/basic/cap-to-name.awk b/src/basic/cap-to-name.awk
new file mode 100644
index 000000000..402a78202
--- /dev/null
+++ b/src/basic/cap-to-name.awk
@@ -0,0 +1,9 @@
+BEGIN{
+        print "static const char* const capability_names[] = { "
+}
+{
+        printf "        [%s] = \"%s\",\n", $1, tolower($1)
+}
+END{
+        print "};"
+}
diff --git a/src/basic/generate-cap-list.sh b/src/basic/generate-cap-list.sh
new file mode 100755
index 000000000..0678bb5a3
--- /dev/null
+++ b/src/basic/generate-cap-list.sh
@@ -0,0 +1,5 @@
+#!/bin/sh -eu
+
+$1 -dM -include linux/capability.h -I../src/shared -include "$2" -include "$3" - </dev/null | \
+        awk '/^#define[ \t]+CAP_[A-Z_]+[ \t]+/ { print $2; }' | \
+        grep -v CAP_LAST_CAP
diff --git a/src/basic/meson.build b/src/basic/meson.build
index 7aff69b11..10acb9aef 100644
--- a/src/basic/meson.build
+++ b/src/basic/meson.build
@@ -210,6 +210,8 @@ basic_sources_plain = files('''
         capability-util.c
         capability-util.h
         cgroup-util.c
+        cap-list.c
+        cap-list.h
         cgroup-util.h
         conf-files.c
         conf-files.h
@@ -338,7 +340,7 @@ missing_h = files('missing.h')
 
 generate_gperfs = find_program('generate-gperfs.py')
 
-#if 0 /// elogind has only the errno list.
+#if 0 /// elogind has only the cap and errno list.
 # generate_af_list = find_program('generate-af-list.sh')
 # af_list_txt = custom_target(
 #         'af-list.txt',
@@ -352,15 +354,15 @@ generate_gperfs = find_program('generate-gperfs.py')
 #         output : 'arphrd-list.txt',
 #         command : [generate_arphrd_list, cpp],
 #         capture : true)
-# 
-# generate_cap_list = find_program('generate-cap-list.sh')
-# cap_list_txt = custom_target(
-#         'cap-list.txt',
-#         output : 'cap-list.txt',
-#         command : [generate_cap_list, cpp, config_h, missing_h],
-#         capture : true)
 #endif // 0
 
+generate_cap_list = find_program('generate-cap-list.sh')
+cap_list_txt = custom_target(
+        'cap-list.txt',
+        output : 'cap-list.txt',
+        command : [generate_cap_list, cpp, config_h, missing_h],
+        capture : true)
+
 generate_errno_list = find_program('generate-errno-list.sh')
 errno_list_txt = custom_target(
         'errno-list.txt',
@@ -369,13 +371,14 @@ errno_list_txt = custom_target(
         capture : true)
 
 generated_gperf_headers = []
-#if 0 /// elogind has only the errno list.
+#if 0 /// elogind has only the cap and errno list.
 # foreach item : [['af',     af_list_txt,     'af',         ''],
 #                 ['arphrd', arphrd_list_txt, 'arphrd',     'ARPHRD_'],
 #                 ['cap',    cap_list_txt,    'capability', ''],
 #                 ['errno',  errno_list_txt,  'errno',      '']]
 #else
-foreach item : [['errno',  errno_list_txt,  'errno',      '']]
+foreach item : [['cap',    cap_list_txt,    'capability', ''],
+                ['errno',  errno_list_txt,  'errno',      '']]
 #endif // 0
 
         fname = '@0@-from-name.gperf'.format(item[0])