#if HAVE_CAPABILITY
int check_capability(int arg) /* {{{ */
{
- cap_value_t cap = (cap_value_t)arg;
+ cap_value_t cap_value = (cap_value_t)arg;
+ cap_t cap;
+ cap_flag_value_t cap_flag_value;
- if (!CAP_IS_SUPPORTED(cap))
+ if (!CAP_IS_SUPPORTED(cap_value))
return (-1);
- int have_cap = cap_get_bound(cap);
- if (have_cap != 1)
+ if (!(cap = cap_get_proc())) {
+ ERROR("check_capability: cap_get_proc failed.");
return (-1);
+ }
- return (0);
+ if (cap_get_flag(cap, cap_value, CAP_EFFECTIVE, &cap_flag_value) < 0) {
+ ERROR("check_capability: cap_get_flag failed.");
+ cap_free(cap);
+ return (-1);
+ }
+ cap_free(cap);
+
+ return (cap_flag_value != CAP_SET);
} /* }}} int check_capability */
#else
int check_capability(__attribute__((unused)) int arg) /* {{{ */
* argument. Returns zero if it does, less than zero if it doesn't or on error.
* See capabilities(7) for the list of possible capabilities.
* */
-int check_capability(int capability);
+int check_capability(int arg);
#endif /* HAVE_SYS_CAPABILITY_H */
#endif /* COMMON_H */
projects / collectd.git / commitdiff