- const char *filepath;
- int sts;
-
- if (!PyArg_ParseTuple(args, "s", &filepath))
- return NULL;
-
- int fd = open(filepath, O_RDONLY);
- if (fd < 0) {
- //printf("Could not open ns file\n");
- sts = -1;
- goto out;
- }
-
- if (setns(fd, 666)) {
- sts = -1;
- }
- close(fd);
-
-out:
- return Py_BuildValue("i", sts);
+ unsigned int to_drop[128] = {CAP_NET_ADMIN,CAP_SYS_ADMIN,CAP_SYS_BOOT,CAP_MKNOD,CAP_MAC_ADMIN,CAP_SYS_MODULE};
+ unsigned int i;
+ for (i = 0;i<6;i++) {
+ if (prctl(PR_CAPBSET_DROP, to_drop[i], 0, 0, 0) == -1) {
+ perror("prctl");
+ return Py_BuildValue("i", 2);
+ }
+ }
+ return Py_BuildValue("i", 0);
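Review bot: The loop bound `6` is hard-coded separately from the `to_drop[128]` initializer, so a capability appended to the list later would silently never be dropped while the function still returns 0; size the array from its initializer and derive the bound, e.g. `static const unsigned long to_drop[] = { ... };` with `for (i = 0; i < sizeof to_drop / sizeof to_drop[0]; i++)`. `PR_CAPBSET_DROP` only narrows the calling thread's bounding set, so capabilities already in its permitted and effective sets remain usable by this process after the function returns; if the drop is meant to constrain a later exec'd child, a comment such as `/* bounding set only: the current thread keeps its permitted/effective caps */` would record that assumption. On a failed `prctl` the caller receives only the integer `2`, with the bounding set possibly partly reduced and the reason sent to stderr by `perror`; `return PyErr_SetFromErrno(PyExc_OSError);` would make the failure hard to ignore, though it changes what existing callers receive. The enclosing function starts and ends outside the visible hunk.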