exec: Assigning the empty string to CapabilityBoundSet= should drop all caps

Previously, it would set all caps, but it should drop them all, anything else makes little sense. Also, document that this works as it does, and what to do in order to assign all caps to the bounding set. https://bugzilla.redhat.com/show_bug.cgi?id=914705
author: Lennart Poettering <lennart@poettering.net> 2013-03-22 23:25:54 +0100
committer: Lennart Poettering <lennart@poettering.net> 2013-03-22 23:28:44 +0100
commit: d91c34f21ff7445dcee3efe2368aebe2d6c266db (patch)
tree: 8b7099d7bc80f6cdb5c9b5be441b6e1cbb0497fd /src/core/unit.c
parent: 6af274272a917710f606acb3589f0430e9092631 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/src/core/unit.c b/src/core/unit.c
index a1249dc093..d43558e6df 100644
--- a/src/core/unit.c
+++ b/src/core/unit.c
@@ -2645,7 +2645,14 @@ int unit_kill(Unit *u, KillWho w, int signo, DBusError *error) {
         return UNIT_VTABLE(u)->kill(u, w, signo, error);
 }
 
-int unit_kill_common(Unit *u, KillWho who, int signo, pid_t main_pid, pid_t control_pid, DBusError *error) {
+int unit_kill_common(
+                Unit *u,
+                KillWho who,
+                int signo,
+                pid_t main_pid,
+                pid_t control_pid,
+                DBusError *error) {
+
         int r = 0;
 
         if (who == KILL_MAIN && main_pid <= 0) {
author	Lennart Poettering <lennart@poettering.net>	2013-03-22 23:25:54 +0100
committer	Lennart Poettering <lennart@poettering.net>	2013-03-22 23:28:44 +0100
commit	d91c34f21ff7445dcee3efe2368aebe2d6c266db (patch)
tree	8b7099d7bc80f6cdb5c9b5be441b6e1cbb0497fd /src/core/unit.c
parent	6af274272a917710f606acb3589f0430e9092631 (diff)