lib: terminate capabilities only if initialized

zprivs_caps_init() is called conditionally, apply the same condition on terminate. Signed-off-by: David Lamparter <equinox@opensourcerouting.org>
author: David Lamparter <equinox@opensourcerouting.org> 2017-08-21 20:17:53 +0200
committer: David Lamparter <equinox@opensourcerouting.org> 2017-08-21 21:53:46 +0200
commit: 4093d47b9913113e1e30f8cce82bd8104a0efa8e (patch)
tree: 4d5bc9e944811390717971773e14e1cc81fcf85a /lib/privs.c
parent: 8e9e4bd4bf0493013e071d9edb5c374c78549c73 (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/privs.c b/lib/privs.c
index eda3fb02d4..cfe7d6d6f8 100644
--- a/lib/privs.c
+++ b/lib/privs.c
@@ -856,7 +856,9 @@ void zprivs_terminate(struct zebra_privs_t *zprivs)
 	}
 
 #ifdef HAVE_CAPABILITIES
-	zprivs_caps_terminate();
+	if (zprivs->user || zprivs->group || zprivs->cap_num_p
+	    || zprivs->cap_num_i)
+		zprivs_caps_terminate();
 #else  /* !HAVE_CAPABILITIES */
 	/* only change uid if we don't have the correct one */
 	if ((zprivs_state.zuid) && (zprivs_state.zsuid != zprivs_state.zuid)) {
author	David Lamparter <equinox@opensourcerouting.org>	2017-08-21 20:17:53 +0200
committer	David Lamparter <equinox@opensourcerouting.org>	2017-08-21 21:53:46 +0200
commit	4093d47b9913113e1e30f8cce82bd8104a0efa8e (patch)
tree	4d5bc9e944811390717971773e14e1cc81fcf85a /lib/privs.c
parent	8e9e4bd4bf0493013e071d9edb5c374c78549c73 (diff)