From b3da3da525e066c67a14503a3a0d00d5024cc62d Mon Sep 17 00:00:00 2001
From: Ophestra <cat@gensokyo.uk>
Date: Sat, 23 Aug 2025 11:09:11 +0900
Subject: [PATCH] container/init: avoid multiple lastcap calls

This reduces the size of []kexpect in the test suite.

Signed-off-by: Ophestra <cat@gensokyo.uk>
---
 container/init.go | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/container/init.go b/container/init.go
index 39adefb..6bb5a9e 100644
--- a/container/init.go
+++ b/container/init.go
@@ -156,7 +156,7 @@ func initEntrypoint(k syscallDispatcher, prepareLogger func(prefix string), setV
 	}
 
 	// cache sysctl before pivot_root
-	k.lastcap()
+	lastcap := k.lastcap()
 
 	if err := k.mount(zeroString, FHSRoot, zeroString, MS_SILENT|MS_SLAVE|MS_REC, zeroString); err != nil {
 		k.fatalf("cannot make / rslave: %v", err)
@@ -262,7 +262,7 @@ func initEntrypoint(k syscallDispatcher, prepareLogger func(prefix string), setV
 	if err := k.capAmbientClearAll(); err != nil {
 		k.fatalf("cannot clear the ambient capability set: %v", err)
 	}
-	for i := uintptr(0); i <= k.lastcap(); i++ {
+	for i := uintptr(0); i <= lastcap; i++ {
 		if params.Privileged && i == CAP_SYS_ADMIN {
 			continue
 		}