Index: lib/libcasper/services/Makefile
===================================================================
--- lib/libcasper/services/Makefile
+++ lib/libcasper/services/Makefile
@@ -3,6 +3,7 @@
 .include <src.opts.mk>
 
 SUBDIR=		cap_dns
+SUBDIR+=	cap_fileargs
 SUBDIR+=	cap_grp
 SUBDIR+=	cap_pwd
 SUBDIR+=	cap_random
Index: lib/libcasper/services/cap_fileargs/Makefile
===================================================================
--- /dev/null
+++ lib/libcasper/services/cap_fileargs/Makefile
@@ -0,0 +1,24 @@
+# $FreeBSD$
+
+SHLIBDIR?=	/lib/casper
+
+.include <src.opts.mk>
+
+PACKAGE=libcasper
+
+SHLIB_MAJOR=	0
+INCSDIR?=	${INCLUDEDIR}/casper
+
+.if ${MK_CASPER} != "no"
+SHLIB=	cap_fileargs
+
+SRCS=	cap_fileargs.c
+.endif
+
+INCS=	cap_fileargs.h
+
+LIBADD=	nv
+
+CFLAGS+=-I${.CURDIR}
+
+.include <bsd.lib.mk>
Index: lib/libcasper/services/cap_fileargs/cap_fileargs.h
===================================================================
--- /dev/null
+++ lib/libcasper/services/cap_fileargs/cap_fileargs.h
@@ -0,0 +1,102 @@
+/*-
+ * Copyright (c) 2018 Mariusz Zaborski <oshogbo@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $FreeBSD$
+ */
+
+#ifndef _FILEARGS_H_
+#define	_FILEARGS_H_
+
+#include <stdbool.h>
+
+#ifdef WITH_CASPER
+struct fileargs;
+typedef struct fileargs fileargs_t;
+
+fileargs_t *fileargs_init(int argc, char *argv[], int flags, mode_t mode,
+    cap_rights_t *rightsp);
+fileargs_t *fileargs_cinit(cap_channel_t *cas, int argc, char *argv[],
+    int flags, mode_t mode, cap_rights_t *rightsp);
+fileargs_t *fileargs_initnv(nvlist_t *limits);
+fileargs_t *fileargs_cinitnv(cap_channel_t *cas, nvlist_t *limits);
+int fileargs_open(fileargs_t *fa, const char *name);
+void fileargs_free(fileargs_t *fa);
+FILE *fileargs_fopen(fileargs_t *fa, const char *name, const char *mode);
+#else
+typedef struct fileargs {
+	int	fa_flags;
+	mode_t	fa_mode;
+} fileargs_t;
+
+static inline fileargs_t *
+fileargs_init(int argc __unused, char *argv[] __unused, int flags, mode_t mode,
+    cap_rights_t *rightsp __unused) {
+	fileargs_t *fa;
+
+	fa = malloc(sizeof(*fa));
+	if (fa != NULL) {
+		fa->fa_flags = flags;
+		fa->fa_mode = mode;
+	}
+
+	return (fa);
+}
+
+static inline fileargs_t *
+fileargs_cinit(cap_channel_t *cas __unused, int argc, char *argv[], int flags,
+    mode_t mode, cap_rights_t *rightsp)
+{
+
+	return (fileargs_init(argc, argv, flags, mode, rightsp));
+}
+
+static inline fileargs_t *
+fileargs_initnv(nvlist_t *limits)
+{
+	fileargs_t *fa;
+
+	fa = fileargs_init(0, NULL,
+	    nvlist_get_number(limits, "flags"),
+	    dnvlist_get_number(limits, "mode", 0));
+	nvlist_destroy(limits);
+
+	return (fa);
+}
+
+static inline fileargs_t *
+fileargs_cinitnv(cap_channel_t *cas __unused, nvlist_t *limits)
+{
+
+	return (fileargs_initnv(limits));
+}
+
+#define	fileargs_open(fa, name)							\
+	open(name, fa->fa_flags, fa->fa_mode)
+#define	fileargs_fopen(fa, name, mode)						\
+	fopen(name, mode)
+#define	fileargs_free(fa)	(free(fa))
+#endif
+
+#endif	/* !_FILEARGS_H_ */
Index: lib/libcasper/services/cap_fileargs/cap_fileargs.c
===================================================================
--- /dev/null
+++ lib/libcasper/services/cap_fileargs/cap_fileargs.c
@@ -0,0 +1,475 @@
+/*-
+ * Copyright (c) 2018 Mariusz Zaborski <oshogbo@FreeBSD.org>
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <sys/types.h>
+#include <sys/capsicum.h>
+#include <sys/sysctl.h>
+#include <sys/cnv.h>
+#include <sys/dnv.h>
+#include <sys/nv.h>
+
+#include <assert.h>
+#include <errno.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+#include <libcasper.h>
+#include <libcasper_service.h>
+
+#include "cap_fileargs.h"
+
+#define CACHE_SIZE	128
+
+#define FILEARGS_MAGIC	0xFA00FA00
+
+struct fileargs {
+	uint32_t	 fa_magic;
+	nvlist_t	*fa_cache;
+	cap_channel_t	*fa_chann;
+	int		 fa_fdflags;
+};
+
+static int
+fileargs_get_cache(fileargs_t *fa, const char *name)
+{
+	int fd;
+	const nvlist_t *nvl;
+	nvlist_t *tnvl;
+
+	assert(fa != NULL);
+	assert(fa->fa_magic == FILEARGS_MAGIC);
+	assert(name != NULL);
+
+	if (fa->fa_cache == NULL)
+		return (-1);
+
+	if ((fa->fa_fdflags & O_CREAT) != 0)
+		return (-1);
+
+	nvl = dnvlist_get_nvlist(fa->fa_cache, name, NULL);
+	if (nvl == NULL)
+		return (-1);
+
+	tnvl = nvlist_take_nvlist(fa->fa_cache, name);
+	fd = nvlist_take_descriptor(tnvl, "fd");
+	nvlist_destroy(tnvl);
+
+	if ((fa->fa_fdflags & O_CLOEXEC) != O_CLOEXEC) {
+		if (fcntl(fd, F_SETFD, fa->fa_fdflags) == -1) {
+			close(fd);
+			return (-1);
+		}
+	}
+
+	return (fd);
+}
+
+static void
+fileargs_set_cache(fileargs_t *fa, nvlist_t *nvl)
+{
+
+	nvlist_destroy(fa->fa_cache);
+	fa->fa_cache = nvl;
+}
+
+static nvlist_t*
+fileargs_fetch(fileargs_t *fa, const char *name)
+{
+	nvlist_t *nvl;
+	int serrno;
+
+	assert(fa != NULL);
+	assert(name != NULL);
+
+	nvl = nvlist_create(NV_FLAG_NO_UNIQUE);
+	nvlist_add_string(nvl, "cmd", "open");
+	nvlist_add_string(nvl, "name", name);
+
+	nvl = cap_xfer_nvlist(fa->fa_chann, nvl);
+	if (nvl == NULL)
+		return (NULL);
+
+	if (nvlist_get_number(nvl, "error") != 0) {
+		serrno = (int)nvlist_get_number(nvl, "error");
+		nvlist_destroy(nvl);
+		errno = serrno;
+		return (NULL);
+	}
+
+	return (nvl);
+}
+
+static nvlist_t *
+fileargs_create_limit(int argc, const char * const *argv, int flags,
+    mode_t mode, cap_rights_t *rightsp)
+{
+	nvlist_t *limits;
+	int i;
+
+	limits = nvlist_create(NV_FLAG_NO_UNIQUE);
+	if (limits == NULL)
+		return (NULL);
+
+	nvlist_add_number(limits, "flags", flags);
+	if (rightsp != NULL) {
+		nvlist_add_binary(limits, "cap_rights", rightsp,
+		    sizeof(*rightsp));
+	}
+	if ((flags & O_CREAT) != 0)
+		nvlist_add_number(limits, "mode", (uint64_t)mode);
+
+	for (i = 0; i < argc; i++) {
+		nvlist_add_null(limits, argv[i]);
+	}
+
+	return (limits);
+}
+
+fileargs_t *
+fileargs_init(int argc, char *argv[], int flags, mode_t mode,
+    cap_rights_t *rightsp)
+{
+	nvlist_t *limits;
+
+	assert(argc > 0);
+	assert(argv != NULL);
+
+	limits = fileargs_create_limit(argc, (const char * const *)argv, flags,
+	   mode, rightsp);
+	if (limits == NULL)
+		return (NULL);
+
+	return (fileargs_initnv(limits));
+}
+
+fileargs_t *
+fileargs_cinit(cap_channel_t *cas, int argc, char *argv[], int flags,
+     mode_t mode, cap_rights_t *rightsp)
+{
+	nvlist_t *limits;
+
+	assert(argc > 0);
+	assert(argv != NULL);
+
+	limits = fileargs_create_limit(argc, (const char * const *)argv, flags,
+	   mode, rightsp);
+	if (limits == NULL)
+		return (NULL);
+
+	return (fileargs_cinitnv(cas, limits));
+}
+
+fileargs_t *
+fileargs_initnv(nvlist_t *limits)
+{
+        cap_channel_t *cas;
+	fileargs_t *fa;
+
+	assert(limits != NULL);
+
+        cas = cap_init();
+        if (cas == NULL) {
+		nvlist_destroy(limits);
+                return (NULL);
+	}
+
+        fa = fileargs_cinitnv(cas, limits);
+        cap_close(cas);
+
+	return (fa);
+}
+
+fileargs_t *
+fileargs_cinitnv(cap_channel_t *cas, nvlist_t *limits)
+{
+	cap_channel_t *chann;
+	fileargs_t *fa;
+	int serrno, ret;
+	int flags;
+
+	assert(cas != NULL);
+	assert(limits != NULL);
+
+	chann = NULL;
+	fa = NULL;
+
+	chann = cap_service_open(cas, "system.fileargs");
+	if (chann == NULL) {
+		nvlist_destroy(limits);
+		return (NULL);
+	}
+
+	flags = nvlist_get_number(limits, "flags");
+
+	/* Limits are consumed no need to free them. */
+	ret = cap_limit_set(chann, limits);
+	if (ret < 0)
+		goto out;
+
+	fa = malloc(sizeof(*fa));
+	if (fa == NULL)
+		goto out;
+
+	fa->fa_cache = NULL;
+	fa->fa_chann = chann;
+	fa->fa_fdflags = flags;
+	fa->fa_magic = FILEARGS_MAGIC;
+
+	return (fa);
+out:
+	serrno = errno;
+	if (chann != NULL)
+		cap_close(chann);
+	errno = serrno;
+	return (NULL);
+}
+
+int
+fileargs_open(fileargs_t *fa, const char *name)
+{
+	int fd;
+	nvlist_t *nvl;
+	char *cmd;
+
+	assert(fa != NULL);
+	assert(fa->fa_magic == FILEARGS_MAGIC);
+
+	if (name == NULL) {
+		errno = EINVAL;
+		return (-1);
+	}
+
+	fd = fileargs_get_cache(fa, name);
+	if (fd != -1)
+		return (fd);
+
+	nvl = fileargs_fetch(fa, name);
+	if (nvl == NULL)
+		return (-1);
+
+	fd = nvlist_take_descriptor(nvl, "fd");
+	cmd = nvlist_take_string(nvl, "cmd");
+	if (strcmp(cmd, "cache") == 0)
+		fileargs_set_cache(fa, nvl);
+	else
+		nvlist_destroy(nvl);
+	free(cmd);
+
+	return (fd);
+}
+
+FILE *
+fileargs_fopen(fileargs_t *fa, const char *name, const char *mode)
+{
+	int fd;
+
+	if ((fd = fileargs_open(fa, name)) < 0) {
+		return (NULL);
+	}
+
+	return (fdopen(fd, mode));
+}
+
+void
+fileargs_free(fileargs_t *fa)
+{
+
+	if (fa == NULL)
+		return;
+
+	assert(fa->fa_magic == FILEARGS_MAGIC);
+
+	nvlist_destroy(fa->fa_cache);
+	cap_close(fa->fa_chann);
+	explicit_bzero(&fa->fa_magic, sizeof(fa->fa_magic));
+	free(fa);
+}
+
+/*
+ * Service functions.
+ */
+
+static const char *lastname;
+static void *cacheposition;
+static bool allcached;
+static const cap_rights_t *caprightsp;
+static int capflags;
+static mode_t capmode;
+
+static int
+open_file(const char *name)
+{
+	int fd, serrno;
+
+	if ((capflags & O_CREAT) == 0)
+		fd = open(name, capflags);
+	else
+		fd = open(name, capflags, capmode);
+	if (fd < 0)
+		return (-1);
+
+	if (caprightsp != NULL) {
+		if (cap_rights_limit(fd, caprightsp) < 0) {
+			serrno = errno;
+			close(fd);
+			errno = serrno;
+			return (-1);
+		}
+	}
+
+	return (fd);
+}
+
+static void
+fileargs_add_cache(nvlist_t *nvlout, const nvlist_t *limits,
+    const char *curent_name)
+{
+	int type, i, fd;
+	void *cookie;
+	nvlist_t *new;
+	const char *fname;
+
+	if ((capflags & O_CREAT) != 0) {
+		allcached = true;
+		return;
+	}
+
+	cookie = cacheposition;
+	for (i = 0; i < CACHE_SIZE + 1; i++) {
+		fname = nvlist_next(limits, &type, &cookie);
+		if (fname == NULL) {
+			cacheposition = NULL;
+			lastname = NULL;
+			allcached = true;
+			return;
+		}
+		/* We doing that to catch next element name. */
+		if (i == CACHE_SIZE) {
+			break;
+		}
+
+		if (type != NV_TYPE_NULL ||
+		    (curent_name != NULL && strcmp(fname, curent_name) == 0)) {
+			curent_name = NULL;
+			i--;
+			continue;
+		}
+
+		fd = open_file(fname);
+		if (fd < 0) {
+			i--;
+			continue;
+		}
+
+		new = nvlist_create(NV_FLAG_NO_UNIQUE);
+		nvlist_move_descriptor(new, "fd", fd);
+		nvlist_add_nvlist(nvlout, fname, new);
+	}
+	cacheposition = cookie;
+	lastname = fname;
+}
+
+static bool
+fileargs_allowed(const nvlist_t *limits, const nvlist_t *request)
+{
+	const char *name;
+
+	name = dnvlist_get_string(request, "name", NULL);
+	if (name == NULL)
+		return (false);
+
+	/* Fast path. */
+	if (lastname != NULL && strcmp(name, lastname) == 0)
+		return (true);
+
+	if (!nvlist_exists_null(limits, name))
+		return (false);
+
+	return (true);
+}
+
+static int
+fileargs_limit(const nvlist_t *oldlimits, const nvlist_t *newlimits)
+{
+
+	if (oldlimits != NULL)
+		return (ENOTCAPABLE);
+
+	capflags = (int)dnvlist_get_number(newlimits, "flags", 0);
+	if ((capflags & O_CREAT) != 0)
+		capmode = (mode_t)nvlist_get_number(newlimits, "mode");
+	else
+		capmode = 0;
+
+	caprightsp = dnvlist_get_binary(newlimits, "cap_rights", NULL, NULL, 0);
+
+	return (0);
+}
+
+static int
+fileargs_command_open(const nvlist_t *limits, nvlist_t *nvlin,
+    nvlist_t *nvlout)
+{
+	int fd;
+	const char *name;
+
+	if (limits == NULL)
+		return (ENOTCAPABLE);
+
+	if (!fileargs_allowed(limits, nvlin))
+		return (ENOTCAPABLE);
+
+	name = nvlist_get_string(nvlin, "name");
+
+	fd = open_file(name);
+	if (fd < 0)
+		return (errno);
+
+	if (!allcached && (lastname == NULL ||
+	    strcmp(name, lastname) == 0)) {
+		nvlist_add_string(nvlout, "cmd", "cache");
+		fileargs_add_cache(nvlout, limits, name);
+	} else {
+		nvlist_add_string(nvlout, "cmd", "open");
+	}
+	nvlist_move_descriptor(nvlout, "fd", fd);
+	return (0);
+}
+
+static int
+fileargs_command(const char *cmd, const nvlist_t *limits,
+    nvlist_t *nvlin, nvlist_t *nvlout)
+{
+
+	if (strcmp(cmd, "open") == 0)
+		return (fileargs_command_open(limits, nvlin, nvlout));
+
+	return (EINVAL);
+}
+
+CREATE_SERVICE("system.fileargs", fileargs_limit, fileargs_command,
+    CASPER_SERVICE_FD | CASPER_SERVICE_STDIO | CASPER_SERVICE_NO_UNIQ_LIMITS);
Index: share/mk/src.libnames.mk
===================================================================
--- share/mk/src.libnames.mk
+++ share/mk/src.libnames.mk
@@ -73,6 +73,7 @@
 		cam \
 		casper \
 		cap_dns \
+		cap_fileargs \
 		cap_grp \
 		cap_pwd \
 		cap_random \
@@ -233,6 +234,7 @@
 _DP_kvm=	elf
 _DP_casper=	nv
 _DP_cap_dns=	nv
+_DP_cap_fileargs=	nv
 _DP_cap_grp=	nv
 _DP_cap_pwd=	nv
 _DP_cap_random=	nv