caps: add lxc_cap_is_set()

src/lxc/caps.c

@@ -22,20 +22,21 @@
  */
 
 #define _GNU_SOURCE
-#include <unistd.h>
+#include "config.h"
+
+#include <errno.h>
+#include <limits.h>
 #include <fcntl.h>
 #include <stdlib.h>
-#include <limits.h>
+#include <unistd.h>
 #include <sys/prctl.h>
-#include <errno.h>
 
-#include "config.h"
+#include "caps.h"
 #include "log.h"
 
 lxc_log_define(lxc_caps, lxc);
 
 #if HAVE_SYS_CAPABILITY_H
-#include <sys/capability.h>
 
 #ifndef PR_CAPBSET_READ
 #define PR_CAPBSET_READ 23
@@ -208,4 +209,27 @@ int lxc_caps_last_cap(void)
 	return last_cap;
 }
 
+bool lxc_cap_is_set(cap_value_t cap, cap_flag_t flag)
+{
+	int ret;
+	cap_t caps;
+	cap_flag_value_t flagval;
+
+	caps = cap_get_proc();
+	if (!caps) {
+		ERROR("Failed to perform cap_get_proc(): %s.", strerror(errno));
+		return false;
+	}
+
+	ret = cap_get_flag(caps, cap, flag, &flagval);
+	if (ret < 0) {
+		ERROR("Failed to perform cap_get_flag(): %s.", strerror(errno));
+		cap_free(caps);
+		return false;
+	}
+
+	cap_free(caps);
+	return flagval == CAP_SET;
+}
+
 #endif

src/lxc/caps.h

@@ -20,17 +20,23 @@
  * License along with this library; if not, write to the Free Software
  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
  */
+
 #include "config.h"
+#include <stdbool.h>
 
 #ifndef __LXC_CAPS_H
 #define __LXC_CAPS_H
 
 #if HAVE_SYS_CAPABILITY_H
+#include <sys/capability.h>
+
 extern int lxc_caps_down(void);
 extern int lxc_caps_up(void);
 extern int lxc_caps_init(void);
 
 extern int lxc_caps_last_cap(void);
+
+extern bool lxc_cap_is_set(cap_value_t cap, cap_flag_t flag);
 #else
 static inline int lxc_caps_down(void) {
 	return 0;
@@ -45,6 +51,12 @@ static inline int lxc_caps_init(void) {
 static inline int lxc_caps_last_cap(void) {
 	return 0;
 }
+
+typedef int cap_value_t;
+typedef int cap_flag_t;
+static inline bool lxc_cap_is_set(cap_value_t cap, cap_flag_t flag) {
+	return true;
+}
 #endif
 
 #define lxc_priv(__lxc_function)			\