From 3275932b427da817d6b362cb2c29f176da79578d Mon Sep 17 00:00:00 2001
From: Christian Brauner <christian.brauner@ubuntu.com>
Date: Fri, 22 Feb 2019 21:41:41 +0100
Subject: [PATCH] conf: simplify idmaptool_on_path_and_privileged

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
---
 src/lxc/conf.c | 25 ++++++++++---------------
 1 file changed, 10 insertions(+), 15 deletions(-)

diff --git a/src/lxc/conf.c b/src/lxc/conf.c
index 14f8f963e..129ead3df 100644
--- a/src/lxc/conf.c
+++ b/src/lxc/conf.c
@@ -2844,24 +2844,23 @@ static int idmaptool_on_path_and_privileged(const char *binary, cap_value_t cap)
 	struct stat st;
 	int fret = 0;
 
+	errno = EINVAL;
 	if (cap != CAP_SETUID && cap != CAP_SETGID)
-		return -EINVAL;
+		return -1;
 
+	errno = ENOENT;
 	path = on_path(binary, NULL);
 	if (!path)
-		return -ENOENT;
+		return -1;
 
 	ret = stat(path, &st);
-	if (ret < 0) {
-		fret = -errno;
-		goto cleanup;
-	}
+	if (ret < 0)
+		return -1;
 
 	/* Check if the binary is setuid. */
 	if (st.st_mode & S_ISUID) {
 		DEBUG("The binary \"%s\" does have the setuid bit set", path);
-		fret = 1;
-		goto cleanup;
+		return 1;
 	}
 
 #if HAVE_LIBCAP && LIBCAP_SUPPORTS_FILE_CAPABILITIES
@@ -2871,8 +2870,7 @@ static int idmaptool_on_path_and_privileged(const char *binary, cap_value_t cap)
 	    lxc_file_cap_is_set(path, CAP_SETUID, CAP_PERMITTED)) {
 		DEBUG("The binary \"%s\" has CAP_SETUID in its CAP_EFFECTIVE "
 		      "and CAP_PERMITTED sets", path);
-		fret = 1;
-		goto cleanup;
+		return 1;
 	}
 
 	/* Check if it has the CAP_SETGID capability. */
@@ -2881,8 +2879,7 @@ static int idmaptool_on_path_and_privileged(const char *binary, cap_value_t cap)
 	    lxc_file_cap_is_set(path, CAP_SETGID, CAP_PERMITTED)) {
 		DEBUG("The binary \"%s\" has CAP_SETGID in its CAP_EFFECTIVE "
 		      "and CAP_PERMITTED sets", path);
-		fret = 1;
-		goto cleanup;
+		return 1;
 	}
 #else
 	/* If we cannot check for file capabilities we need to give the benefit
@@ -2891,11 +2888,9 @@ static int idmaptool_on_path_and_privileged(const char *binary, cap_value_t cap)
 	 */
 	DEBUG("Cannot check for file capabilities as full capability support is "
 	      "missing. Manual intervention needed");
-	fret = 1;
 #endif
 
-cleanup:
-	return fret;
+	return 1;
 }
 
 int lxc_map_ids_exec_wrapper(void *args)
-- 
2.47.2