util: introduce our own gperf based capability list

This way, we can ensure we have a more complete, up-to-date list of capabilities around, always.
author: Lennart Poettering <lennart@poettering.net> 2014-12-10 03:16:14 +0100
committer: Lennart Poettering <lennart@poettering.net> 2014-12-10 03:21:07 +0100
commit: 2822da4fb7f891e5320f02f1d00f64b72221ced4 (patch)
tree: 53d99b2f6cfd0d0e81b47671a03f1c3e1e5880fc /src/shared/condition.c
parent: 45823da23ccfea5159fafa844ede0a873a460df8 (diff)
1 files changed, 4 insertions, 3 deletions
diff --git a/src/shared/condition.c b/src/shared/condition.c
index 59f262244b..dcbf9a7e86 100644
--- a/src/shared/condition.c
+++ b/src/shared/condition.c
@@ -39,6 +39,7 @@
 #include "selinux-util.h"
 #include "audit.h"
 #include "condition.h"
+#include "cap-list.h"
 
 Condition* condition_new(ConditionType type, const char *parameter, bool trigger, bool negate) {
         Condition *c;
@@ -235,7 +236,7 @@ static int condition_test_security(Condition *c) {
 
 static int condition_test_capability(Condition *c) {
         _cleanup_fclose_ FILE *f = NULL;
-        cap_value_t value;
+        int value;
         char line[LINE_MAX];
         unsigned long long capabilities = -1;
 
@@ -244,8 +245,8 @@ static int condition_test_capability(Condition *c) {
         assert(c->type == CONDITION_CAPABILITY);
 
         /* If it's an invalid capability, we don't have it */
-
-        if (cap_from_name(c->parameter, &value) < 0)
+        value = capability_from_name(c->parameter);
+        if (value < 0)
                 return -EINVAL;
 
         /* If it's a valid capability we default to assume
author	Lennart Poettering <lennart@poettering.net>	2014-12-10 03:16:14 +0100
committer	Lennart Poettering <lennart@poettering.net>	2014-12-10 03:21:07 +0100
commit	2822da4fb7f891e5320f02f1d00f64b72221ced4 (patch)
tree	53d99b2f6cfd0d0e81b47671a03f1c3e1e5880fc /src/shared/condition.c
parent	45823da23ccfea5159fafa844ede0a873a460df8 (diff)