From 055d016b49e88328ff3a2b433188c1109a9cf8e3 Mon Sep 17 00:00:00 2001
From: Martin Willi <martin@strongswan.org>
Date: Fri, 28 Sep 2007 07:04:09 +0000
Subject: changed inheritable capability set to the permitted one to execute
 firewall script with CAP_NET_ADMIN

---
 src/charon/daemon.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

(limited to 'src')

diff --git a/src/charon/daemon.c b/src/charon/daemon.c
index 56b737ad6..c9c632def 100644
--- a/src/charon/daemon.c
+++ b/src/charon/daemon.c
@@ -251,8 +251,7 @@ static void drop_capabilities(private_daemon_t *this, bool full)
 
 	hdr.version = _LINUX_CAPABILITY_VERSION;
 	hdr.pid = 0;
-	data.effective = data.permitted = keep;
-	data.inheritable = 0;
+	data.inheritable = data.effective = data.permitted = keep;
 	
 	if (capset(&hdr, &data))
 	{
-- 
cgit v1.2.3