From 22e0fa03b276efd121a91729b04afe65d85f3c3b Mon Sep 17 00:00:00 2001
From: "patchback[bot]" <45432694+patchback[bot]@users.noreply.github.com>
Date: Fri, 16 Oct 2020 21:23:43 +0200
Subject: [PATCH] [capabilities] fix for a newer versions of libcap (#1061)
 (#1110)

* [capabilities] fix for a newer versions of libcap

fixes: #993

* Minor correction for files without caps set.

PS: side note, getcap (per sources) does not set non-zero return code,
even for files which are not found (i.e. wrong filename).

* add changelog fragment

* review/suggested changes

* change comment to explicitly state stderr vs output

(cherry picked from commit 07d123a71a5ad769aac4d04e7e189fbf5f957cd8)

Co-authored-by: Anatoly Pugachev <matorola@gmail.com>
---
 changelogs/fragments/993-file-capabilities.yml |  2 ++
 plugins/modules/system/capabilities.py         | 12 +++++++++---
 2 files changed, 11 insertions(+), 3 deletions(-)
 create mode 100644 changelogs/fragments/993-file-capabilities.yml

diff --git a/changelogs/fragments/993-file-capabilities.yml b/changelogs/fragments/993-file-capabilities.yml
new file mode 100644
index 0000000000..a9e781c400
--- /dev/null
+++ b/changelogs/fragments/993-file-capabilities.yml
@@ -0,0 +1,2 @@
+bugfixes:
+  - capabilities - fix for a newer version of libcap release (https://github.com/ansible-collections/community.general/pull/1061).
diff --git a/plugins/modules/system/capabilities.py b/plugins/modules/system/capabilities.py
index 9643aadbce..ac6dde6761 100644
--- a/plugins/modules/system/capabilities.py
+++ b/plugins/modules/system/capabilities.py
@@ -108,12 +108,18 @@ class CapabilitiesModule(object):
         #   '/foo ='
         # If file xattrs are unset the output will be:
         #   '/foo'
-        # If the file does not exist the output will be (with rc == 0...):
+        # If the file does not exist, the stderr will be (with rc == 0...):
         #   '/foo (No such file or directory)'
-        if rc != 0 or (stdout.strip() != path and stdout.count(' =') != 1):
+        if rc != 0 or stderr != "":
             self.module.fail_json(msg="Unable to get capabilities of %s" % path, stdout=stdout.strip(), stderr=stderr)
         if stdout.strip() != path:
-            caps = stdout.split(' =')[1].strip().split()
+            if ' =' in stdout:
+                # process output of an older version of libcap
+                caps = stdout.split(' =')[1].strip().split()
+            else:
+                # otherwise, we have a newer version here
+                # see original commit message of cap/v0.2.40-18-g177cd41 in libcap.git
+                caps = stdout.split()[1].strip().split()
             for cap in caps:
                 cap = cap.lower()
                 # getcap condenses capabilities with the same op/flags into a