+int in_group_p(gid_t gid)
+{
+ int i;
+
+ if (gid == current->fsgid)
+ return 1;
+
+ for (i = 0; i < current->ngroups; i++) {
+ if (gid == current->groups[i])
+ return 1;
+ }
+
+ return 0;
+}
+
+static void init_capability(int *res)
+{
+ cap_value_t cap_types[] = {
+ CAP_CHOWN,
+ CAP_DAC_OVERRIDE,
+ CAP_DAC_READ_SEARCH,
+ CAP_FOWNER,
+ CAP_FSETID,
+ CAP_KILL,
+ CAP_SETGID,
+ CAP_SETUID,
+ /* following are linux specific, we could simply
+ * remove them I think */
+ CAP_SETPCAP,
+ CAP_LINUX_IMMUTABLE,
+ CAP_NET_BIND_SERVICE,
+ CAP_NET_BROADCAST,
+ CAP_NET_ADMIN,
+ CAP_NET_RAW,
+ CAP_IPC_LOCK,
+ CAP_IPC_OWNER,
+ CAP_SYS_MODULE,
+ CAP_SYS_RAWIO,
+ CAP_SYS_CHROOT,
+ CAP_SYS_PTRACE,
+ CAP_SYS_PACCT,
+ CAP_SYS_ADMIN,
+ CAP_SYS_BOOT,
+ CAP_SYS_NICE,
+ CAP_SYS_RESOURCE,
+ CAP_SYS_TIME,
+ CAP_SYS_TTY_CONFIG,
+ CAP_MKNOD,
+ CAP_LEASE,
+ };
+ cap_t syscap;
+ cap_flag_value_t capval;
+ int i;
+
+ *res = 0;
+
+ syscap = cap_get_proc();
+ if (!syscap) {
+ printf("Liblustre: Warning: failed to get system capability, "
+ "set to minimal\n");
+ return;
+ }
+
+ for (i = 0; i < sizeof(cap_types)/sizeof(cap_t); i++) {
+ LASSERT(cap_types[i] < 32);
+ if (!cap_get_flag(syscap, cap_types[i],
+ CAP_EFFECTIVE, &capval)) {
+ if (capval == CAP_SET) {
+ *res |= 1 << cap_types[i];
+ }
+ }
+ }
+}
+
+static int init_current(char *comm)