diff options
author | Yu Watanabe <watanabe.yu+github@gmail.com> | 2022-12-23 17:29:40 +0900 |
---|---|---|
committer | Yu Watanabe <watanabe.yu+github@gmail.com> | 2022-12-23 22:11:00 +0900 |
commit | 26c45a6c1d340e344157f7a6340782b4934b579f (patch) | |
tree | b08b0ea7d624a830be7dca9541a0402e487629e6 /src/sysext | |
parent | d7301331e8db7050c8dc4b1b8c8f70b81d75b438 (diff) | |
download | systemd-26c45a6c1d340e344157f7a6340782b4934b579f.tar.gz |
tree-wide: have_effective_cap() may return negative errno
Diffstat (limited to 'src/sysext')
-rw-r--r-- | src/sysext/sysext.c | 16 |
1 files changed, 13 insertions, 3 deletions
diff --git a/src/sysext/sysext.c b/src/sysext/sysext.c index b9147fbd78..4fbc5e877e 100644 --- a/src/sysext/sysext.c +++ b/src/sysext/sysext.c @@ -153,8 +153,12 @@ static int unmerge(void) { } static int verb_unmerge(int argc, char **argv, void *userdata) { + int r; - if (!have_effective_cap(CAP_SYS_ADMIN)) + r = have_effective_cap(CAP_SYS_ADMIN); + if (r < 0) + return log_error_errno(r, "Failed to check if we have enough privileges: %m"); + if (r == 0) return log_error_errno(SYNTHETIC_ERRNO(EPERM), "Need to be privileged."); return unmerge(); @@ -761,7 +765,10 @@ static int verb_merge(int argc, char **argv, void *userdata) { _cleanup_(hashmap_freep) Hashmap *images = NULL; int r; - if (!have_effective_cap(CAP_SYS_ADMIN)) + r = have_effective_cap(CAP_SYS_ADMIN); + if (r < 0) + return log_error_errno(r, "Failed to check if we have enough privileges: %m"); + if (r == 0) return log_error_errno(SYNTHETIC_ERRNO(EPERM), "Need to be privileged."); r = image_discover_and_read_metadata(&images); @@ -796,7 +803,10 @@ static int verb_refresh(int argc, char **argv, void *userdata) { _cleanup_(hashmap_freep) Hashmap *images = NULL; int r; - if (!have_effective_cap(CAP_SYS_ADMIN)) + r = have_effective_cap(CAP_SYS_ADMIN); + if (r < 0) + return log_error_errno(r, "Failed to check if we have enough privileges: %m"); + if (r == 0) return log_error_errno(SYNTHETIC_ERRNO(EPERM), "Need to be privileged."); r = image_discover_and_read_metadata(&images); |