apptainer capability drop
Remove capabilities from a user or group (requires root)
Synopsis
Remove Linux capabilities from a user/group. NOTE: This command requires root to run.
The capabilities argument must be separated by commas and is not case sensitive.
To see available capabilities, type “apptainer capability avail” or refer to capabilities manual “man 7 capabilities”
apptainer capability drop [drop options...] <capabilities>
Examples
$ sudo apptainer capability drop --user nobody AUDIT_READ,CHOWN
$ sudo apptainer capability drop --group nobody audit_write
To drop all capabilities for a user:
$ sudo apptainer capability drop --user nobody all
Options
-g, --group string manage capabilities for a group
-h, --help help for drop
-u, --user string manage capabilities for a user
SEE ALSO
apptainer capability - Manage Linux capabilities for users and groups
Auto generated by spf13/cobra on 14-Mar-2024