diff --git a/internal/vpn/os_client_linux.go b/internal/vpn/os_client_linux.go
index 1ad1da8ee..2ce6cd223 100644
--- a/internal/vpn/os_client_linux.go
+++ b/internal/vpn/os_client_linux.go
@@ -63,14 +63,16 @@ func setupClientSysPrivileges() (suid int, err error) {
 
 		// set `CAP_NET_ADMIN` capability to needed caps sets.
 		caps.Set(capability.CAPS|capability.BOUNDS|capability.AMBIENT, capability.CAP_NET_ADMIN)
-		if err := caps.Apply(capability.CAPS | capability.BOUNDS | capability.AMBIENT); err != nil {
-			return 0, fmt.Errorf("failed to apply capabilties: %w", err)
+		if e := caps.Apply(capability.CAPS | capability.BOUNDS | capability.AMBIENT); e != nil {
+			err = fmt.Errorf("failed to apply capabilties: %w", e)
+			return
 		}
 
 		// let child process keep caps sets from the parent, so we may do calls to
 		// system utilities with these caps.
-		if err := unix.Prctl(unix.PR_SET_KEEPCAPS, 1, 0, 0, 0); err != nil {
-			return 0, fmt.Errorf("failed to set PR_SET_KEEPCAPS: %w", err)
+		if e := unix.Prctl(unix.PR_SET_KEEPCAPS, 1, 0, 0, 0); e != nil {
+			err = fmt.Errorf("failed to set PR_SET_KEEPCAPS: %w", e)
+			return
 		}
 	})