capability: change capability_bounding_set_drop() to be work without privileges when executing a NOP

This way daemons which already dropped all caps may use the call to drop priviliges again, which becomes a non-failing NOP.
author: Lennart Poettering <lennart@poettering.net> 2017-08-09 15:05:36 +0200
committer: Sven Eden <yamakuzure@gmx.net> 2017-09-25 14:31:16 +0200
commit: 1f130b1ec38f8c1d8c4f47c9b5a36b7017526fbe (patch)
tree: f5681f3fda9192c579dff909d861eab5d9d5a4e8 /src/basic/capability-util.c
parent: d1c1c992b810520323ddbceca865ba8995f1dd95 (diff)
1 files changed, 0 insertions, 15 deletions
diff --git a/src/basic/capability-util.c b/src/basic/capability-util.c
index 294dcc8d4..952bcc2d7 100644
--- a/src/basic/capability-util.c
+++ b/src/basic/capability-util.c
@@ -372,19 +372,4 @@ int drop_capability(cap_value_t cv) {
 
         return 0;
 }
-
-bool ambient_capabilities_supported(void) {
-        static int cache = -1;
-
-        if (cache >= 0)
-                return cache;
-
-        /* If PR_CAP_AMBIENT returns something valid, or an unexpected error code we assume that ambient caps are
-         * available. */
-
-        cache = prctl(PR_CAP_AMBIENT, PR_CAP_AMBIENT_IS_SET, CAP_KILL, 0, 0) >= 0 ||
-                !IN_SET(errno, EINVAL, EOPNOTSUPP, ENOSYS);
-
-        return cache;
-}
 #endif // 0
author	Lennart Poettering <lennart@poettering.net>	2017-08-09 15:05:36 +0200
committer	Sven Eden <yamakuzure@gmx.net>	2017-09-25 14:31:16 +0200
commit	1f130b1ec38f8c1d8c4f47c9b5a36b7017526fbe (patch)
tree	f5681f3fda9192c579dff909d861eab5d9d5a4e8 /src/basic/capability-util.c
parent	d1c1c992b810520323ddbceca865ba8995f1dd95 (diff)