From 2822da4fb7f891e5320f02f1d00f64b72221ced4 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 10 Dec 2014 03:16:14 +0100
Subject: util: introduce our own gperf based capability list

This way, we can ensure we have a more complete, up-to-date list of
capabilities around, always.
---
 src/core/execute.c       | 10 +++-------
 src/core/load-fragment.c | 11 +++++------
 2 files changed, 8 insertions(+), 13 deletions(-)

(limited to 'src/core')

diff --git a/src/core/execute.c b/src/core/execute.c
index b7ac4c7b2b..955090c446 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -86,6 +86,7 @@
 #include "smack-util.h"
 #include "bus-kernel.h"
 #include "label.h"
+#include "cap-list.h"
 
 #ifdef HAVE_SECCOMP
 #include "seccomp-util.h"
@@ -2296,13 +2297,8 @@ void exec_context_dump(ExecContext *c, FILE* f, const char *prefix) {
                 fprintf(f, "%sCapabilityBoundingSet:", prefix);
 
                 for (l = 0; l <= cap_last_cap(); l++)
-                        if (!(c->capability_bounding_set_drop & ((uint64_t) 1ULL << (uint64_t) l))) {
-                                _cleanup_cap_free_charp_ char *t;
-
-                                t = cap_to_name(l);
-                                if (t)
-                                        fprintf(f, " %s", t);
-                        }
+                        if (!(c->capability_bounding_set_drop & ((uint64_t) 1ULL << (uint64_t) l)))
+                                fprintf(f, " %s", strna(capability_to_name(l)));
 
                 fputs("\n", f);
         }
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
index 7f109b8930..259323bd5c 100644
--- a/src/core/load-fragment.c
+++ b/src/core/load-fragment.c
@@ -59,6 +59,7 @@
 #include "bus-error.h"
 #include "errno-list.h"
 #include "af-list.h"
+#include "cap-list.h"
 
 #ifdef HAVE_SECCOMP
 #include "seccomp-util.h"
@@ -1040,17 +1041,15 @@ int config_parse_bounding_set(const char *unit,
 
         FOREACH_WORD_QUOTED(word, l, rvalue, state) {
                 _cleanup_free_ char *t = NULL;
-                int r;
-                cap_value_t cap;
+                int cap;
 
                 t = strndup(word, l);
                 if (!t)
                         return log_oom();
 
-                r = cap_from_name(t, &cap);
-                if (r < 0) {
-                        log_syntax(unit, LOG_ERR, filename, line, errno,
-                                   "Failed to parse capability in bounding set, ignoring: %s", t);
+                cap = capability_from_name(t);
+                if (cap < 0) {
+                        log_syntax(unit, LOG_ERR, filename, line, errno, "Failed to parse capability in bounding set, ignoring: %s", t);
                         continue;
                 }
 
-- 
cgit v1.2.3-54-g00ecf