- * thus making sure the user gets access to the core dump. */
- if (setresgid(gid, gid, gid) < 0 ||
- setresuid(uid, uid, uid) < 0) {
- log_error_errno(errno, "Failed to drop privileges: %m");
- r = -errno;
+ * thus making sure the user gets access to the core
+ * dump. Let's also get rid of all capabilities, if we run as
+ * root, we won't need them anymore. */
+ r = drop_privileges(uid, gid, 0);
+ if (r < 0) {
+ log_error_errno(r, "Failed to drop privileges: %m");