docs: document CAP_AUDIT_READ

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 884a5ffbdf)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2020-09-16 15:46:09 +02:00
parent 3d74f7ab48
commit ffa0e1d36e
No known key found for this signature in database
GPG Key ID: 76698F39D527CE8C
1 changed files with 1 additions and 0 deletions

View File

@ -1307,6 +1307,7 @@ The next table shows the capabilities which are not granted by default and may b
| Capability Key | Capability Description | | Capability Key | Capability Description |
|:----------------|:----------------------------------------------------------------------------------------------------------------| |:----------------|:----------------------------------------------------------------------------------------------------------------|
| AUDIT_CONTROL | Enable and disable kernel auditing; change auditing filter rules; retrieve auditing status and filtering rules. | | AUDIT_CONTROL | Enable and disable kernel auditing; change auditing filter rules; retrieve auditing status and filtering rules. |
| AUDIT_READ | Allow reading audit messages from the kernel. |
| BLOCK_SUSPEND | Employ features that can block system suspend. | | BLOCK_SUSPEND | Employ features that can block system suspend. |
| DAC_READ_SEARCH | Bypass file read permission checks and directory read and execute permission checks. | | DAC_READ_SEARCH | Bypass file read permission checks and directory read and execute permission checks. |
| IPC_LOCK | Lock memory (mlock(2), mlockall(2), mmap(2), shmctl(2)). | | IPC_LOCK | Lock memory (mlock(2), mlockall(2), mmap(2), shmctl(2)). |