The documentation files contain the text explanations for each of the known capabilities. We should enhance capsh to use them explain what a capability is intended to enable. This is kind of like the --decode option we already support. Idea: --explain=3 would output something like: 3=cap_fowner (0x016x) with the explanation from: https://git.kernel.org/pub/scm/libs/libcap/libcap.git/tree/doc/values/3.txt Since capsh would use cap_from_name(3) to interpret the capability, capsh will also be able to take --explain=cap_fowner as an argument.
If the specific named capability is not supported by one or both of libcap and the running kernel, the output should indicate this with the attribute: "reserved" = libcap knows a name, but the running kernel doesn't support it "unsupported" = libcap and the running kernel do not support this value "unnamed" = the kernel supports this, but libcap doesn't know its name
Fixed with: https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=cf6ddafe1d34d84e7a30b0b497c6174fc93ba074
Still need to update capsh man page.
Documentation update as per: https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=13b97f953cb9a4bf50527b1d5c1d98ec96fb8ef4