apptainer-capability-drop - Man Page

Remove capabilities from a user or group (requires root)

Synopsis

apptainer capability drop [drop options...]

Description

Remove Linux capabilities from a user/group. NOTE: This command requires root
 to run.

The capabilities argument must be separated by commas and is not case
 sensitive.

To see available capabilities, type "apptainer capability avail" or refer to
 capabilities manual "man 7 capabilities"

Options

-g, --group="" manage capabilities for a group

-h, --help[=false] help for drop

-u, --user="" manage capabilities for a user

Example

  $ sudo apptainer capability drop --user nobody AUDIT_READ,CHOWN
  $ sudo apptainer capability drop --group nobody audit_write

  To drop all capabilities for a user:

  $ sudo apptainer capability drop --user nobody all

See Also

apptainer-capability(1)

History

13-Mar-2024 Auto generated by spf13/cobra

Referenced By

apptainer-capability(1).

Mar 2024 Auto generated by spf13/cobra