ryantimwilson / rpms / systemd

Forked from rpms/systemd a month ago
Clone
803fb7
From 5c7d92d36bd1b608ccba0adc3fdc5446e6575623 Mon Sep 17 00:00:00 2001
803fb7
From: Evgeny Vereshchagin <evvers@ya.ru>
803fb7
Date: Tue, 27 Oct 2015 14:40:28 +0300
803fb7
Subject: [PATCH] core: fix CapabilityBoundingSet merging
803fb7
803fb7
Fixes: #1221
803fb7
803fb7
Cherry-picked from: b9d345b
803fb7
Resolves: #1409586
803fb7
---
803fb7
 src/core/load-fragment.c | 8 +++++---
803fb7
 1 file changed, 5 insertions(+), 3 deletions(-)
803fb7
803fb7
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
803fb7
index 4fecb8314..90d42b002 100644
803fb7
--- a/src/core/load-fragment.c
803fb7
+++ b/src/core/load-fragment.c
803fb7
@@ -1027,6 +1027,7 @@ int config_parse_bounding_set(const char *unit,
803fb7
                               void *userdata) {
803fb7
 
803fb7
         uint64_t *capability_bounding_set_drop = data;
803fb7
+        uint64_t capability_bounding_set;
803fb7
         const char *word, *state;
803fb7
         size_t l;
803fb7
         bool invert = false;
803fb7
@@ -1067,10 +1068,11 @@ int config_parse_bounding_set(const char *unit,
803fb7
                 log_syntax(unit, LOG_ERR, filename, line, EINVAL,
803fb7
                            "Trailing garbage, ignoring.");
803fb7
 
803fb7
-        if (invert)
803fb7
-                *capability_bounding_set_drop |= sum;
803fb7
+        capability_bounding_set = invert ? ~sum : sum;
803fb7
+        if (*capability_bounding_set_drop)
803fb7
+                *capability_bounding_set_drop = ~(~*capability_bounding_set_drop | capability_bounding_set);
803fb7
         else
803fb7
-                *capability_bounding_set_drop |= ~sum;
803fb7
+                *capability_bounding_set_drop = ~capability_bounding_set;
803fb7
 
803fb7
         return 0;
803fb7
 }