From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <zsh-workers-return-14459-mason-zsh=primenet.com.au@sunsite.dk>
Received: (qmail 24720 invoked from network); 23 May 2001 16:05:26 -0000
Received: from sunsite.dk (130.225.51.30)
  by ns1.primenet.com.au with SMTP; 23 May 2001 16:05:26 -0000
Received: (qmail 890 invoked by alias); 23 May 2001 16:05:19 -0000
Mailing-List: contact zsh-workers-help@sunsite.dk; run by ezmlm
Precedence: bulk
X-No-Archive: yes
X-Seq: 14459
Received: (qmail 876 invoked from network); 23 May 2001 16:05:18 -0000
Date: Wed, 23 May 2001 12:05:14 -0400
From: Clint Adams <schizo@debian.org>
To: zsh-workers@sunsite.dk
Cc: 98475-forwarded@bugs.debian.org
Subject: prompt expansion and POSIX.1e capabilities
Message-ID: <20010523120514.A26393@dman.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
User-Agent: Mutt/1.2.5i

I know nothing about these things.

----- Forwarded message from Galen Hancock <galen@CSUA.Berkeley.EDU> -----

Package: zsh
Version: 4.0.0+4.0.1.pre4-3

The default PS1 is "%m%# ". zsh conforms to the part of its man page,
under PROMPT EXPANSION, which says:

       %#     A  `#'  if  the shell is running with privileges, a
              `%' if not.  Equivalent to `%(!.#.%%)'.  The  defi­
              nition of `privileged', for these purposes, is that
              either the  effective  user  ID  is  zero,  or,  if
              POSIX.1e  capabilities are supported, that at least
              one capability is raised in either the Effective or
              Inheritable capability vectors.

This is not useful behavior, because (at least on my installation),
normal users have all capabilities but cap_setpcap raised inheritable.
This gives me a # prompt, not %, when I log in.

soda% ssh gh.dhs.org
[... normal user logon]
windriver# zsh --version
zsh 4.0.1-pre-4+debian0515 (i686-pc-linux-gnu)
windriver# zmodload zsh/cap
windriver# id
uid=1000(galen) gid=1000(galen) groups=1000(galen),24(cdrom),25(floppy),29(audio),33(www-data),37(operator),40(src),44(video),50(staff),60(games),101(dba),500(wheel),2000(mp3)
windriver# cap
=i cap_setpcap-i
windriver# cap =
windriver% cap
=
windriver% uname -sr
Linux 2.2.15

The format in which capabilites are printed is documented in
cap_from_text(3). = means no capabilites raised, and "=i cap_setpcap-i"
means, first, all capabilities raised in inheritable and, then,
cap_setpcap turned off in inheritable.

I don't know much about capabilites, so I don't know for sure what a more
reasonable setting would be; I think "at least one capability raised in
'effective'" would make sense.

					Galen