.nh .TH "apptainer" "1" "Sep 2024" "Auto generated by spf13/cobra" "" .SH NAME .PP apptainer-capability-drop - Remove capabilities from a user or group (requires root) .SH SYNOPSIS .PP \fBapptainer capability drop [drop options...] \fP .SH DESCRIPTION .PP Remove Linux capabilities from a user/group. NOTE: This command requires root to run. .PP The capabilities argument must be separated by commas and is not case sensitive. .PP To see available capabilities, type "apptainer capability avail" or refer to capabilities manual "man 7 capabilities" .SH OPTIONS .PP \fB-g\fP, \fB--group\fP="" manage capabilities for a group .PP \fB-h\fP, \fB--help\fP[=false] help for drop .PP \fB-u\fP, \fB--user\fP="" manage capabilities for a user .SH EXAMPLE .EX $ sudo apptainer capability drop --user nobody AUDIT_READ,CHOWN $ sudo apptainer capability drop --group nobody audit_write To drop all capabilities for a user: $ sudo apptainer capability drop --user nobody all .EE .SH SEE ALSO .PP \fBapptainer-capability(1)\fP .SH HISTORY .PP 23-Sep-2024 Auto generated by spf13/cobra