diff options
author | Lennart Poettering <lennart@poettering.net> | 2017-08-09 15:05:36 +0200 |
---|---|---|
committer | Sven Eden <yamakuzure@gmx.net> | 2017-09-25 14:31:16 +0200 |
commit | 1f130b1ec38f8c1d8c4f47c9b5a36b7017526fbe (patch) | |
tree | f5681f3fda9192c579dff909d861eab5d9d5a4e8 /src/basic/capability-util.c | |
parent | d1c1c992b810520323ddbceca865ba8995f1dd95 (diff) |
capability: change capability_bounding_set_drop() to be work without privileges when executing a NOP
This way daemons which already dropped all caps may use the call to
drop priviliges again, which becomes a non-failing NOP.
Diffstat (limited to 'src/basic/capability-util.c')
-rw-r--r-- | src/basic/capability-util.c | 15 |
1 files changed, 0 insertions, 15 deletions
diff --git a/src/basic/capability-util.c b/src/basic/capability-util.c index 294dcc8d4..952bcc2d7 100644 --- a/src/basic/capability-util.c +++ b/src/basic/capability-util.c @@ -372,19 +372,4 @@ int drop_capability(cap_value_t cv) { return 0; } - -bool ambient_capabilities_supported(void) { - static int cache = -1; - - if (cache >= 0) - return cache; - - /* If PR_CAP_AMBIENT returns something valid, or an unexpected error code we assume that ambient caps are - * available. */ - - cache = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_KILL, 0, 0) >= 0 || - !IN_SET(errno, EINVAL, EOPNOTSUPP, ENOSYS); - - return cache; -} #endif // 0 |