#include <sys/prctl.h>
#include <sys/types.h>
+#include "capability-util.h"
#include "cpu-set-util.h"
#include "errno-list.h"
#include "fileio.h"
return;
}
+ if (have_effective_cap(CAP_CHOWN) <= 0 ||
+ have_effective_cap(CAP_FOWNER) <= 0 ||
+ have_effective_cap(CAP_KILL) <= 0) {
+ log_notice("Skipping %s, this process does not have enough capabilities", __func__);
+ return;
+ }
+
test(m, "exec-capabilityboundingset-simple.service", 0, CLD_EXITED);
test(m, "exec-capabilityboundingset-reset.service", 0, CLD_EXITED);
test(m, "exec-capabilityboundingset-merge.service", 0, CLD_EXITED);
return;
}
+ if (have_effective_cap(CAP_NET_ADMIN) <= 0 ||
+ have_effective_cap(CAP_NET_RAW) <= 0) {
+ log_notice("Skipping %s, this process does not have enough capabilities", __func__);
+ return;
+ }
+
test(m, "exec-ambientcapabilities.service", 0, CLD_EXITED);
test(m, "exec-ambientcapabilities-merge.service", 0, CLD_EXITED);
projects / platform / upstream / systemd.git / commitdiff