ryantimwilson / rpms / systemd

Forked from rpms/systemd 2 months ago
Clone
a19bc6
From 5c7d92d36bd1b608ccba0adc3fdc5446e6575623 Mon Sep 17 00:00:00 2001
a19bc6
From: Evgeny Vereshchagin <evvers@ya.ru>
a19bc6
Date: Tue, 27 Oct 2015 14:40:28 +0300
a19bc6
Subject: [PATCH] core: fix CapabilityBoundingSet merging
a19bc6
a19bc6
Fixes: #1221
a19bc6
a19bc6
Cherry-picked from: b9d345b
a19bc6
Resolves: #1409586
a19bc6
---
a19bc6
 src/core/load-fragment.c | 8 +++++---
a19bc6
 1 file changed, 5 insertions(+), 3 deletions(-)
a19bc6
a19bc6
diff --git a/src/core/load-fragment.c b/src/core/load-fragment.c
a19bc6
index 4fecb83..90d42b0 100644
a19bc6
--- a/src/core/load-fragment.c
a19bc6
+++ b/src/core/load-fragment.c
a19bc6
@@ -1027,6 +1027,7 @@ int config_parse_bounding_set(const char *unit,
a19bc6
                               void *userdata) {
a19bc6
 
a19bc6
         uint64_t *capability_bounding_set_drop = data;
a19bc6
+        uint64_t capability_bounding_set;
a19bc6
         const char *word, *state;
a19bc6
         size_t l;
a19bc6
         bool invert = false;
a19bc6
@@ -1067,10 +1068,11 @@ int config_parse_bounding_set(const char *unit,
a19bc6
                 log_syntax(unit, LOG_ERR, filename, line, EINVAL,
a19bc6
                            "Trailing garbage, ignoring.");
a19bc6
 
a19bc6
-        if (invert)
a19bc6
-                *capability_bounding_set_drop |= sum;
a19bc6
+        capability_bounding_set = invert ? ~sum : sum;
a19bc6
+        if (*capability_bounding_set_drop)
a19bc6
+                *capability_bounding_set_drop = ~(~*capability_bounding_set_drop | capability_bounding_set);
a19bc6
         else
a19bc6
-                *capability_bounding_set_drop |= ~sum;
a19bc6
+                *capability_bounding_set_drop = ~capability_bounding_set;
a19bc6
 
a19bc6
         return 0;
a19bc6
 }