From b69affe3c1df8302300d6622ab747c9bef854d8f Mon Sep 17 00:00:00 2001
From: Michal Privoznik <mprivozn@redhat.com>
Date: Thu, 22 Jul 2021 14:12:14 +0200
Subject: [PATCH] virSetUIDGIDWithCaps: Drop redundant parenthesis around
 capng_apply()

After all capabilities were set (except for CAP_SETGID,
CAP_SETUID and CAP_SETPCAP) and after UID:GID was changed we drop
the last aforementioned capabilities (we couldn't drop them
before because we needed UID:GID and capabilities change).
Therefore, there's final capng_apply() call. However, it is
wrapped in one layer of parenthesis more than needed.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
---
 src/util/virutil.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/util/virutil.c b/src/util/virutil.c
index ed3d57662b..aba0aea0ff 100644
--- a/src/util/virutil.c
+++ b/src/util/virutil.c
@@ -1261,7 +1261,7 @@ virSetUIDGIDWithCaps(uid_t uid, gid_t gid, gid_t *groups, int ngroups,
     if (need_setpcap)
         capng_update(CAPNG_DROP, CAPNG_EFFECTIVE|CAPNG_PERMITTED, CAP_SETPCAP);
 
-    if (((capng_ret = capng_apply(CAPNG_SELECT_CAPS)) < 0)) {
+    if ((capng_ret = capng_apply(CAPNG_SELECT_CAPS)) < 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
                        _("cannot apply process capabilities %d"), capng_ret);
         return -1;
-- 
2.47.2