-#if defined(HAVE_SYS_CAPABILITY_H) && defined(HAVE_SYS_PRCTL_H)
-
-/* Limit permitted capabilities set to CAPSYS_NICE */
-int pa_limit_caps(void) {
- int r = -1;
- cap_t caps;
- cap_value_t nice_cap = CAP_SYS_NICE;
-
- caps = cap_init();
- pa_assert(caps);
- cap_clear(caps);
- cap_set_flag(caps, CAP_EFFECTIVE, 1, &nice_cap, CAP_SET);
- cap_set_flag(caps, CAP_PERMITTED, 1, &nice_cap, CAP_SET);
-
- if (cap_set_proc(caps) < 0)
- goto fail;
-
- if (prctl(PR_SET_KEEPCAPS, 1, 0, 0, 0) < 0)
- goto fail;
-
- pa_log_info("Dropped capabilities successfully.");
-
- r = 1;
-
-fail:
- cap_free(caps);
-
- return r;
-}
-
-/* Drop all capabilities, effectively becoming a normal user */
-int pa_drop_caps(void) {
- cap_t caps;
- int r = -1;
-
- caps = cap_init();
- pa_assert(caps);
-
- cap_clear(caps);
-
- prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0);
+#ifdef HAVE_SYS_PRCTL_H
+ pa_assert_se(prctl(PR_SET_KEEPCAPS, 0, 0, 0, 0) == 0);
+#endif