func setAgentCapabilities()

in agent/agent.go [193:219]


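// setAgentCapabilities makes NET_ADMIN inheritable by child processes when the
// agent itself holds it. If NET_ADMIN is present in the agent's Permitted set,
// it is raised in both the Inheritable and Ambient vectors and the result is
// applied to the current process.
//
// It returns nil when NET_ADMIN is not permitted (nothing to do) or when the
// vectors were updated. It returns an error when SETPCAP is missing from the
// Permitted set, or when updating or applying the vectors fails.
//
// Security note: on Linux, ambient capabilities are kept across execve of
// programs that are not setuid/setgid and carry no file capabilities. The log
// message names Envoy as the intended recipient, but every such process the
// agent starts after this call also receives NET_ADMIN.
// NOTE(review): confirm that Envoy is the only program the agent executes
// after this point, or that other children drop the capability.
func setAgentCapabilities() error {
	capSet := cap.GetProc()

	hasNetAdmin, err := capSet.GetFlag(cap.Permitted, cap.NET_ADMIN)
	if err != nil {
		// Previously discarded: a failed lookup looked the same as "capability
		// absent" and left no trace. The outcome is unchanged, but it is logged.
		log.Errorf("Failed to read NET_ADMIN from Agent's Permitted Flag: %v", err)
	}
	if !hasNetAdmin {
		return nil
	}
	log.Infof("Found NET_ADMIN capability in Agent's Permitted Flag, raising it in Inheritable and Ambient flags for Envoy to inherit.")

	// Fail closed: without SETPCAP in Permitted the vectors are left untouched
	// and the caller gets an error instead of a partially configured process.
	hasSetPCap, err := capSet.GetFlag(cap.Permitted, cap.SETPCAP)
	if err != nil {
		log.Errorf("Failed to read SETPCAP from Agent's Permitted Flag: %v", err)
	}
	if !hasSetPCap {
		return fmt.Errorf("agent has NET_ADMIN capability but, not SETPCAP in its Permitted Flag. Envoy will not be started with NET_ADMIN capability")
	}

	// Only NET_ADMIN is added; the other bits of the vectors read from the
	// process are left as they were. Inheritable is raised alongside Ambient
	// because the kernel only accepts an ambient bit that is both permitted
	// and inheritable.
	iabVector := cap.IABGetProc()
	if err := iabVector.SetVector(cap.Inh, true, cap.NET_ADMIN); err != nil {
		log.Errorf("Failed to set NET_ADMIN in Agent's Inheritable capability vector: %v", err)
		return err
	}
	if err := iabVector.SetVector(cap.Amb, true, cap.NET_ADMIN); err != nil {
		log.Errorf("Failed to set NET_ADMIN in Agent's Ambient capability vector: %v", err)
		return err
	}

	// The SetVector calls above only edit the in-memory vector; SetProc is the
	// step that applies it to the running process.
	if err := iabVector.SetProc(); err != nil {
		log.Errorf("Failed to set NET_ADMIN capability in Agent's Inheritable and Ambient set: %v", err)
		return err
	}
	return nil
}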