1 files changed, 7 insertions, 5 deletions

diff --git a/src/import/import-common.c b/src/import/import-common.c
index d8a3bbc249..8a48bd7bf9 100644
--- a/src/import/import-common.c
+++ b/src/import/import-common.c
@@ -19,15 +19,17 @@
   along with systemd; If not, see <http://www.gnu.org/licenses/>.
 ***/
 
+#include <sched.h>
 #include <sys/prctl.h>
 #include <sys/stat.h>
 #include <unistd.h>
 
-#include "util.h"
 #include "btrfs-util.h"
-#include "capability.h"
-#include "signal-util.h"
+#include "capability-util.h"
+#include "fd-util.h"
 #include "import-common.h"
+#include "signal-util.h"
+#include "util.h"
 
 int import_make_read_only_fd(int fd) {
         int r;
@@ -132,7 +134,7 @@ int import_fork_tar_x(const char *path, pid_t *ret) {
                 if (unshare(CLONE_NEWNET) < 0)
                         log_error_errno(errno, "Failed to lock tar into network namespace, ignoring: %m");
 
-                r = capability_bounding_set_drop(~retain, true);
+                r = capability_bounding_set_drop(retain, true);
                 if (r < 0)
                         log_error_errno(r, "Failed to drop capabilities, ignoring: %m");
 
@@ -206,7 +208,7 @@ int import_fork_tar_c(const char *path, pid_t *ret) {
                 if (unshare(CLONE_NEWNET) < 0)
                         log_error_errno(errno, "Failed to lock tar into network namespace, ignoring: %m");
 
-                r = capability_bounding_set_drop(~retain, true);
+                r = capability_bounding_set_drop(retain, true);
                 if (r < 0)
                         log_error_errno(r, "Failed to drop capabilities, ignoring: %m");