journal: add logging of effective capabilities _CAP_EFFECTIVE

I think this is the most important of the capabilities bitmasks to log.

2 files changed, 35 insertions, 0 deletions

diff --git a/src/shared/util.c b/src/shared/util.c
index 5c7204a567..19ca8ad135 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -726,6 +726,40 @@ int is_kernel_thread(pid_t pid) {
         return 0;
 }
 
+int get_process_capeff(pid_t pid, char **capeff) {
+        const char *p;
+        _cleanup_free_ char *status = NULL;
+        char *t = NULL;
+        int r;
+
+        assert(capeff);
+        assert(pid >= 0);
+
+        if (pid == 0)
+                p = "/proc/self/status";
+        else
+                p = procfs_file_alloca(pid, "status");
+
+        r = read_full_file(p, &status, NULL);
+        if (r < 0)
+                return r;
+
+        t = strstr(status, "\nCapEff:\t");
+        if (!t)
+                return -ENOENT;
+
+        for (t += strlen("\nCapEff:\t"); t[0] == '0'; t++)
+                continue;
+
+        if (t[0] == '\n')
+                t--;
+
+        *capeff = strndup(t, strchr(t, '\n') - t);
+        if (!*capeff)
+                return -ENOMEM;
+
+        return 0;
+}
 
 int get_process_exe(pid_t pid, char **name) {
         const char *p;
diff --git a/src/shared/util.h b/src/shared/util.h
index ddb21b4a9c..fac08ca43c 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -210,6 +210,7 @@ int get_process_cmdline(pid_t pid, size_t max_length, bool comm_fallback, char *
 int get_process_exe(pid_t pid, char **name);
 int get_process_uid(pid_t pid, uid_t *uid);
 int get_process_gid(pid_t pid, gid_t *gid);
+int get_process_capeff(pid_t pid, char **capeff);
 
 char hexchar(int x) _const_;
 int unhexchar(char c) _const_;