From 55933f88766f9b2fa2f284c5d0ff098e1e11b657 Mon Sep 17 00:00:00 2001
From: Patrick Schleizer
Date: Fri, 20 Dec 2019 03:43:36 -0500
Subject: [PATCH] refactoring
---
 usr/lib/security-misc/permission-hardening | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/usr/lib/security-misc/permission-hardening b/usr/lib/security-misc/permission-hardening
index 175edf7..3739c5a 100755
--- a/usr/lib/security-misc/permission-hardening
+++ b/usr/lib/security-misc/permission-hardening
@@ -127,17 +127,19 @@ set_file_perms() {
 add_statoverride_entry
 fi
 
- if ! [ "$capability" = "" ]; then
- if [ "$capability" = "none" ]; then
- echo_wrapper setcap -r "$fso"
- else
- if ! capsh --print | grep "Bounding set" | grep -q "$capability"; then
- echo "ERROR: Capability '$capability' does not exist!" >&2
- continue
- fi
+ if [ "$capability" = "" ]; then
+ continue
+ fi
 
- echo_wrapper setcap "${capability}+ep" "$fso"
+ if [ "$capability" = "none" ]; then
+ echo_wrapper setcap -r "$fso"
+ else
+ if ! capsh --print | grep "Bounding set" | grep -q "$capability"; then
+ echo "ERROR: Capability '$capability' does not exist!" >&2
+ continue
 fi
+
+ echo_wrapper setcap "${capability}+ep" "$fso"
 fi
 done < "${config_file}"
 }
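Review bot: The validation in the else branch, `grep -q "$capability"`, treats the config value as an unanchored regular expression, so a partial name such as `cap_net`, or a value containing regex metacharacters, passes the check and is then handed to `setcap "${capability}+ep"`. The refactor carries this line over unchanged; matching the name as a fixed whole word would tighten it, e.g. `if ! capsh --print | grep "Bounding set" | grep -qwF -- "$capability"; then`. The check also reads the bounding set of the process running the script, so a capability that is valid but dropped from that set would be reported as "does not exist"; a comment saying so above the check would help. Separately, the new early `continue` for an empty capability only preserves behaviour while the capability handling remains the last step of the loop body, which deserves a short comment such as `# nothing else to do for this entry`. set_file_perms starts before this hunk.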