capabilities - Manage Linux capabilities

New in version 1.6.

Synopsis
Parameters
Notes
Examples
Status
Maintenance
- Author

Synopsis

This module manipulates files privileges using the Linux capabilities(7) system.

Parameters

Parameter	Choices/Defaults	Comments
capability required		Desired capability to set (with operator and flags, if state is `present`) or remove (if state is `absent`) aliases: cap
path required		Specifies the path to the file to be managed.
state	Choices: absent present ←	Whether the entry should be present or absent in the file's capabilities.

Notes

Note

The capabilities system will automatically transform operators and flags into the effective set, so (for example, cap_foo=ep will probably become cap_foo+ep). This module does not attempt to determine the final operator and flags to compare, so you will want to ensure that your capabilities argument matches the final capabilities.

Examples

- name: Set cap_sys_chroot+ep on /foo
  capabilities:
    path: /foo
    capability: cap_sys_chroot+ep
    state: present

- name: Remove cap_net_bind_service from /bar
  capabilities:
    path: /bar
    capability: cap_net_bind_service
    state: absent

Status

This module is flagged as preview which means that it is not guaranteed to have a backwards compatible interface.

Maintenance

This module is flagged as community which means that it is maintained by the Ansible Community. See Module Maintenance & Support for more info.

For a list of other modules that are also maintained by the Ansible Community, see here.

Author

Nate Coraor (@natefoo)

Hint

If you notice any issues in this documentation you can edit this document to improve it.

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.6/modules/capabilities_module.html