util: properly detect what the last capability is

author: Lennart Poettering <lennart@poettering.net> 2011-10-11 22:30:31 +0200
committer: Lennart Poettering <lennart@poettering.net> 2011-10-11 22:30:31 +0200
commit: 64685e0cea62b4937f0804e47ce2cb7929f58223 (patch)
tree: b33dc0e8922360c9f067591cafa8632f2b26ea58 /src/nspawn.c
parent: d2134abdd5a21bb7e4b307f403d890901628fcf9 (diff)
1 files changed, 1 insertions, 7 deletions
diff --git a/src/nspawn.c b/src/nspawn.c
index 8441c057b9..653d7db730 100644
--- a/src/nspawn.c
+++ b/src/nspawn.c
@@ -361,7 +361,7 @@ static int drop_capabilities(void) {
 
         unsigned long l;
 
-        for (l = 0; l <= MAX(63LU, (unsigned long) CAP_LAST_CAP); l++) {
+        for (l = 0; l <= cap_last_cap(); l++) {
                 unsigned i;
 
                 for (i = 0; i < ELEMENTSOF(retain); i++)
@@ -372,12 +372,6 @@ static int drop_capabilities(void) {
                         continue;
 
                 if (prctl(PR_CAPBSET_DROP, l) < 0) {
-
-                        /* If this capability is not known, EINVAL
-                         * will be returned, let's ignore this. */
-                        if (errno == EINVAL)
-                                break;
-
                         log_error("PR_CAPBSET_DROP failed: %m");
                         return -errno;
                 }
author	Lennart Poettering <lennart@poettering.net>	2011-10-11 22:30:31 +0200
committer	Lennart Poettering <lennart@poettering.net>	2011-10-11 22:30:31 +0200
commit	64685e0cea62b4937f0804e47ce2cb7929f58223 (patch)
tree	b33dc0e8922360c9f067591cafa8632f2b26ea58 /src/nspawn.c
parent	d2134abdd5a21bb7e4b307f403d890901628fcf9 (diff)