From 520a0889fcc8dda79c682c168cf84ff24bedf216 Mon Sep 17 00:00:00 2001 From: VG Date: Tue, 8 Mar 2016 17:10:44 +0100 Subject: cosmetic changes --- run_with_inherited_caps.py | 12 ++++++++---- run_with_only_cap_net_bind_service.py | 14 ++++++++------ 2 files changed, 16 insertions(+), 10 deletions(-) diff --git a/run_with_inherited_caps.py b/run_with_inherited_caps.py index 063860c..87eef9d 100755 --- a/run_with_inherited_caps.py +++ b/run_with_inherited_caps.py @@ -41,7 +41,8 @@ CAP_CLEAR = 0 CAP_SET = 1 # generated list with command line below: -# sed -n 's/^#define \(CAP_.*\)\s\+\([0-9]\+\).*$/\1 = \2/p' /usr/include/linux/capability.h +# sed -n 's/^#define \(CAP_.*\)\s\+\([0-9]\+\).*$/\1 = \2/p' \ +# /usr/include/linux/capability.h CAP_CHOWN = 0 CAP_DAC_OVERRIDE = 1 CAP_DAC_READ_SEARCH = 2 @@ -96,9 +97,12 @@ ccap_values_temp = ffi.new('cap_value_t[]', cap_values_temp) print('len cap_values:', len(cap_values)) caps = libcap.cap_init() -libcap.cap_set_flag(caps, CAP_INHERITABLE, len(cap_values), ccap_values, CAP_SET) -libcap.cap_set_flag(caps, CAP_PERMITTED, len(cap_values_temp), ccap_values_temp, CAP_SET) -libcap.cap_set_flag(caps, CAP_EFFECTIVE, len(cap_values_temp), ccap_values_temp, CAP_SET) +libcap.cap_set_flag(caps, CAP_INHERITABLE, + len(cap_values), ccap_values, CAP_SET) +libcap.cap_set_flag(caps, CAP_PERMITTED, + len(cap_values_temp), ccap_values_temp, CAP_SET) +libcap.cap_set_flag(caps, CAP_EFFECTIVE, + len(cap_values_temp), ccap_values_temp, CAP_SET) libcap.cap_set_proc(caps) libcap.cap_free(caps) diff --git a/run_with_only_cap_net_bind_service.py b/run_with_only_cap_net_bind_service.py index d5b88a6..99ae8ff 100755 --- a/run_with_only_cap_net_bind_service.py +++ b/run_with_only_cap_net_bind_service.py @@ -15,7 +15,6 @@ ffi = cffi.FFI() libc = ffi.dlopen('libc.so.6') libcap = ffi.dlopen('libcap.so.2') -#libc.printf(ctypes.c_char_p(b"test\n")) ffi.cdef(''' typedef struct _cap_struct *cap_t; 
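Review bot: The rewrapped `libcap.cap_set_flag(...)` calls in the `-96,9` hunk of run_with_inherited_caps.py, and the `libcap.cap_set_proc(caps)` line after them, discard their return values, so a failed capability change is silent and the script carries on with whatever capability sets it already held. Both libcap functions return -1 on failure and cffi does not turn that into an exception; a guard such as `if libcap.cap_set_proc(caps) != 0: raise OSError(ffi.errno, 'cap_set_proc failed')`, with the same test on each `cap_set_flag` call, would make the drop fail closed. The same applies to the matching hunk at `-103,9` in run_with_only_cap_net_bind_service.py. This is top-level script code that starts and ends outside the hunk, and the `caps = libcap.cap_init()` line visible just above is likewise used without a check against `ffi.NULL`.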
@@ -50,7 +49,8 @@ CAP_CLEAR = 0 CAP_SET = 1 # generated list with command line below: -# sed -n 's/^#define \(CAP_.*\)\s\+\([0-9]\+\).*$/\1 = \2/p' /usr/include/linux/capability.h +# sed -n 's/^#define \(CAP_.*\)\s\+\([0-9]\+\).*$/\1 = \2/p' \ +# /usr/include/linux/capability.h CAP_CHOWN = 0 CAP_DAC_OVERRIDE = 1 CAP_DAC_READ_SEARCH = 2 @@ -103,9 +103,12 @@ ccap_values_temp = ffi.new('cap_value_t[]', cap_values_temp) #caps = libcap.cap_get_proc() caps = libcap.cap_init() print('len cap_values:', len(cap_values)) -libcap.cap_set_flag(caps, CAP_PERMITTED, len(cap_values), ccap_values, CAP_SET) -libcap.cap_set_flag(caps, CAP_PERMITTED, len(cap_values_temp), ccap_values_temp, CAP_SET) -libcap.cap_set_flag(caps, CAP_EFFECTIVE, len(cap_values_temp), ccap_values_temp, CAP_SET) +libcap.cap_set_flag(caps, CAP_PERMITTED, + len(cap_values), ccap_values, CAP_SET) +libcap.cap_set_flag(caps, CAP_PERMITTED, + len(cap_values_temp), ccap_values_temp, CAP_SET) +libcap.cap_set_flag(caps, CAP_EFFECTIVE, + len(cap_values_temp), ccap_values_temp, CAP_SET) libcap.cap_set_proc(caps) libcap.cap_free(caps) @@ -113,7 +116,6 @@ print("after dropping caps") os.system("cat /proc/{}/status | grep Cap".format(pid)) print('result:', libc.prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0)) -#print('result:', libc.prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0)) os.setgroups(os.getgrouplist(pwd.getpwuid(uid)[0], gid)) os.setgid(gid) -- cgit v1.2.3