From: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date: Wed, 18 Jun 2025 15:24:53 +0000 (+0200)
Subject: shared/bus-unit-util: define helper for CapabilityBoundingSet=/AmbientCapabilities=
X-Git-Tag: v258-rc1~183^2~34
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8f0824f9dbf9b7d55a0e377a710d3ae9cf2067c5;p=thirdparty%2Fsystemd.git

shared/bus-unit-util: define helper for CapabilityBoundingSet=/AmbientCapabilities=
---

diff --git a/src/shared/bus-unit-util.c b/src/shared/bus-unit-util.c
index 0255f4fb02a..4ad3e49e44d 100644
--- a/src/shared/bus-unit-util.c
+++ b/src/shared/bus-unit-util.c
@@ -1291,6 +1291,30 @@ static int bus_append_resource_limit(sd_bus_message *m, const char *field, const
         return 1;
 }
 
+static int bus_append_capabilities(sd_bus_message *m, const char *field, const char *eq) {
+        uint64_t sum = 0;
+        bool invert = false;
+        const char *p = eq;
+        int r;
+
+        if (*p == '~') {
+                invert = true;
+                p++;
+        }
+
+        r = capability_set_from_string(p, &sum);
+        if (r < 0)
+                return log_error_errno(r, "Failed to parse %s value %s: %m", field, eq);
+
+        sum = invert ? ~sum : sum;
+
+        r = sd_bus_message_append(m, "(sv)", field, "t", sum);
+        if (r < 0)
+                return bus_log_create_error(r);
+
+        return 1;
+}
+
 static int bus_append_cgroup_property(sd_bus_message *m, const char *field, const char *eq) {
         if (STR_IN_SET(field, "DevicePolicy",
                               "Slice",
@@ -1607,28 +1631,8 @@ static int bus_append_execute_property(sd_bus_message *m, const char *field, con
         }
 
         if (STR_IN_SET(field, "CapabilityBoundingSet",
-                              "AmbientCapabilities")) {
-                uint64_t sum = 0;
-                bool invert = false;
-                const char *p = eq;
-
-                if (*p == '~') {
-                        invert = true;
-                        p++;
-                }
-
-                r = capability_set_from_string(p, &sum);
-                if (r < 0)
-                        return log_error_errno(r, "Failed to parse %s value %s: %m", field, eq);
-
-                sum = invert ? ~sum : sum;
-
-                r = sd_bus_message_append(m, "(sv)", field, "t", sum);
-                if (r < 0)
-                        return bus_log_create_error(r);
-
-                return 1;
-        }
+                              "AmbientCapabilities"))
+                return bus_append_capabilities(m, field, eq);
 
         if (streq(field, "CPUAffinity")) {
                 _cleanup_(cpu_set_done) CPUSet cpuset = {};