Revert "execute: Call capability_ambient_set_apply even if ambient set is 0"
With ambient capabilities being dropped at the start of process managers
(both system and user) as well as systemd-executor it isn't necessary
to drop them here. Moreover, at this point also the inheritable set can
be preserved. This makes it possible to assign a user session manager
inheritable capabilities which combined with file capabilites (ei sets)
of service executables enable running user services with capabilities
but only when started by the manager.
This reverts commit
943800f4e7728feb2416dd57b8c296614497b94f.
projects / thirdparty / systemd.git / commit
