diff options
| author | Lennart Poettering <lennart@poettering.net> | 2014-12-10 03:16:14 +0100 |
|---|---|---|
| committer | Lennart Poettering <lennart@poettering.net> | 2014-12-10 03:21:07 +0100 |
| commit | 2822da4fb7f891e5320f02f1d00f64b72221ced4 (patch) | |
| tree | 53d99b2f6cfd0d0e81b47671a03f1c3e1e5880fc /src/core | |
| parent | 45823da23ccfea5159fafa844ede0a873a460df8 (diff) | |
util: introduce our own gperf based capability list
This way, we can ensure we have a more complete, up-to-date list of
capabilities around, always.
Diffstat (limited to 'src/core')
| -rw-r--r-- | src/core/execute.c | 10 | ||||
| -rw-r--r-- | src/core/load-fragment.c | 11 |
2 files changed, 8 insertions, 13 deletions
diff --git a/src/core/execute.c b/src/core/execute.c index b7ac4c7b2..955090c44 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -86,6 +86,7 @@ #include "smack-util.h" #include "bus-kernel.h" #include "label.h" +#include "cap-list.h" #ifdef HAVE_SECCOMP #include "seccomp-util.h" @@ -2296,13 +2297,8 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) { fprintf(f, "%sCapabilityBoundingSet:", prefix); for (l = 0; l <= cap_last_cap(); l++) - if (!(c->capability_bounding_set_drop & ((uint64_t) 1ULL << (uint64_t) l))) { - _cleanup_cap_free_charp_ char *t; - - t = cap_to_name(l); - if (t) - fprintf(f, " %s", t); - } + if (!(c->capability_bounding_set_drop & ((uint64_t) 1ULL << (uint64_t) l))) + fprintf(f, " %s", strna(capability_to_name(l))); fputs("\n", f); } diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c index 7f109b893..259323bd5 100644 --- a/src/core/load-fragment.c +++ b/src/core/load-fragment.c @@ -59,6 +59,7 @@ #include "bus-error.h" #include "errno-list.h" #include "af-list.h" +#include "cap-list.h" #ifdef HAVE_SECCOMP #include "seccomp-util.h" @@ -1040,17 +1041,15 @@ int config_parse_bounding_set(const char *unit, FOREACH_WORD_QUOTED(word, l, rvalue, state) { _cleanup_free_ char *t = NULL; - int r; - cap_value_t cap; + int cap; t = strndup(word, l); if (!t) return log_oom(); - r = cap_from_name(t, &cap); - if (r < 0) { - log_syntax(unit, LOG_ERR, filename, line, errno, - "Failed to parse capability in bounding set, ignoring: %s", t); + cap = capability_from_name(t); + if (cap < 0) { + log_syntax(unit, LOG_ERR, filename, line, errno, "Failed to parse capability in bounding set, ignoring: %s", t); continue; } |