From 939b8f14dcd9312140d001b55b4e7a87173682ef Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Tue, 29 May 2012 23:33:38 +0200
Subject: capabilities: when dropping capabilities system-wide also drop them
 from usermode helpers

This hooks things up with /proc/sys/kernel/usermodehelper/bset and
/proc/sys/kernel/usermodehelper/inheritable.
---
 src/shared/capability.h | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/shared/capability.h')

diff --git a/src/shared/capability.h b/src/shared/capability.h
index 0cc5dd08aa..6cb31bb510 100644
--- a/src/shared/capability.h
+++ b/src/shared/capability.h
@@ -27,6 +27,7 @@
 
 unsigned long cap_last_cap(void);
 int have_effective_cap(int value);
-int capability_bounding_set_drop(uint64_t caps, bool right_now);
+int capability_bounding_set_drop(uint64_t drop, bool right_now);
+int capability_bounding_set_drop_usermode(uint64_t drop);
 
 #endif
-- 
cgit v1.2.3-54-g00ecf