lib: don't try to change/reset capabilities if process has none

A couple of daemons take/use no capabilities/privs; allow cleanup
of the privs/capabilities library module even if a daemon has no
caps.

Signed-off-by: Mark Stapp <mjs@voltanet.io>

diff --git a/lib/privs.c b/lib/privs.c
index 09efedf68460ac3ab3ce749d4203242810ef6fbb..eb0dbe078382cd8c498ccc2c91075d12e8a1b833 100644 (file)
--- a/lib/privs.c
+++ b/lib/privs.c
@@ -406,9 +406,11 @@ static void zprivs_caps_init(struct zebra_privs_t *zprivs)
 
 static void zprivs_caps_terminate(void)
 {
-       /* clear all capabilities */
+       /* Clear all capabilities, if we have any. */
        if (zprivs_state.caps)
                cap_clear(zprivs_state.caps);
+       else
+               return;
 
        /* and boom, capabilities are gone forever */
        if (cap_set_proc(zprivs_state.caps)) {