summaryrefslogtreecommitdiff
path: root/src/basic/capability-util.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/basic/capability-util.c')
-rw-r--r--src/basic/capability-util.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/src/basic/capability-util.c b/src/basic/capability-util.c
index d4c5bd6937..c3de20a0e8 100644
--- a/src/basic/capability-util.c
+++ b/src/basic/capability-util.c
@@ -31,6 +31,7 @@
#include "log.h"
#include "macro.h"
#include "parse-util.h"
+#include "user-util.h"
#include "util.h"
int have_effective_cap(int value) {
@@ -295,8 +296,9 @@ int drop_privileges(uid_t uid, gid_t gid, uint64_t keep_capabilities) {
if (setresgid(gid, gid, gid) < 0)
return log_error_errno(errno, "Failed to change group ID: %m");
- if (setgroups(0, NULL) < 0)
- return log_error_errno(errno, "Failed to drop auxiliary groups list: %m");
+ r = maybe_setgroups(0, NULL);
+ if (r < 0)
+ return log_error_errno(r, "Failed to drop auxiliary groups list: %m");
/* Ensure we keep the permitted caps across the setresuid() */
if (prctl(PR_SET_KEEPCAPS, 1) < 0)
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-11-10 18:21:02 +0000