From 48eb441a1558d21108dec2afdae21faf914348c9 Mon Sep 17 00:00:00 2001
From: hengyoush <hengyoush1@163.com>
Date: Fri, 3 Jan 2025 20:56:50 +0800
Subject: [PATCH] fix: incorrect CAP_BPF check method

Signed-off-by: hengyoush <hengyoush1@163.com>
---
 cli/cmd/env_detection.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/cli/cmd/env_detection.go b/cli/cmd/env_detection.go
index 958ecc0dd..53f8457ed 100644
--- a/cli/cmd/env_detection.go
+++ b/cli/cmd/env_detection.go
@@ -52,7 +52,9 @@ func detectBpfCap() error {
 		return fmt.Errorf("failed to get the capabilities of the current process: %v", err)
 	}
 
-	haveBpfCap := data[0].Permitted&unix.CAP_BPF != 0
+	capBpfMask := uint32(1 << (unix.CAP_BPF - 32))
+	capSysAdminMask := uint32(1 << unix.CAP_SYS_ADMIN)
+	haveBpfCap := (data[1].Permitted&capBpfMask != 0) || (data[0].Permitted&capSysAdminMask != 0)
 	if !haveBpfCap {
 		return fmt.Errorf("the current user does not have CAP_BPF to load bpf programs. Please run as root or use sudo or add the --privileged=true flag for Docker.")
 	}