X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=src%2Fshared%2Fcapability.c;h=65d7e038a7a39d305352bf9b4de8d865085a79da;hb=553acb7b6b8d4f16a4747b1f978e8b7888fbfb2c;hp=5d156ab3cd62e95f44f2347b309ca6ad3daf566e;hpb=4a62c710b62a5a3c7a8a278b810b9d5b5a0c8f4f;p=elogind.git

diff --git a/src/shared/capability.c b/src/shared/capability.c
index 5d156ab3c..65d7e038a 100644
--- a/src/shared/capability.c
+++ b/src/shared/capability.c
@@ -271,3 +271,21 @@ int drop_privileges(uid_t uid, gid_t gid, uint64_t keep_capabilities) {
 
         return 0;
 }
+
+int drop_capability(cap_value_t cv) {
+        _cleanup_cap_free_ cap_t tmp_cap = NULL;
+
+        tmp_cap = cap_get_proc();
+        if (!tmp_cap)
+                return -errno;
+
+        if ((cap_set_flag(tmp_cap, CAP_INHERITABLE, 1, &cv, CAP_CLEAR) < 0) ||
+            (cap_set_flag(tmp_cap, CAP_PERMITTED, 1, &cv, CAP_CLEAR) < 0) ||
+            (cap_set_flag(tmp_cap, CAP_EFFECTIVE, 1, &cv, CAP_CLEAR) < 0))
+                return -errno;
+
+        if (cap_set_proc(tmp_cap) < 0)
+                return -errno;
+
+        return 0;
+}