Yes, sure.
Also, I am using linux kernel with PAE support, because I have 8Gb of RAM and want it all available on my 32-bit Ubuntu installation: ii linux-generic-pae 2.6.32.29.35
# strace setcap 'cap_net_bind_service=+ep' /tmp/prog.x execve("/sbin/setcap", ["setcap", "cap_net_bind_service=+ep", "/tmp/prog.x"], [/* 30 vars */]) = 0 brk(0) = 0x92e3000 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) mmap2(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7749000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=59373, ...}) = 0 mmap2(NULL, 59373, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb773a000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/libcap.so.2", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 \17\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=13852, ...}) = 0 mmap2(NULL, 16688, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb7735000 mmap2(0xb7738000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2) = 0xb7738000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/tls/i686/cmov/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000m\1\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1405508, ...}) = 0 mmap2(NULL, 1415592, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb75db000 mprotect(0xb772e000, 4096, PROT_NONE) = 0 mmap2(0xb772f000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x153) = 0xb772f000 mmap2(0xb7732000, 10664, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xb7732000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/libattr.so.1", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\r\0\0004\0\0\0"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0644, st_size=17860, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75da000 mmap2(NULL, 20588, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0xb75d4000 mmap2(0xb75d8000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3) = 0xb75d8000 close(3) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75d3000 set_thread_area({entry_number:-1 -> 6, base_addr:0xb75d36c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 mprotect(0xb75d8000, 4096, PROT_READ) = 0 mprotect(0xb772f000, 8192, PROT_READ) = 0 mprotect(0xb7738000, 4096, PROT_READ) = 0 mprotect(0x804a000, 4096, PROT_READ) = 0 mprotect(0xb7767000, 4096, PROT_READ) = 0 munmap(0xb773a000, 59373) = 0 brk(0) = 0x92e3000 brk(0x9304000) = 0x9304000 capget(0x20080522, 0, NULL) = -1 EFAULT (Bad address) capget(0x20080522, 0, {CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_SETPCAP|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_ADMIN|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_MODULE|CAP_SYS_RAWIO|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_PACCT|CAP_SYS_ADMIN|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TIME|CAP_SYS_TTY_CONFIG|CAP_MKNOD|CAP_LEASE|CAP_AUDIT_WRITE|CAP_AUDIT_CONTROL|CAP_SETFCAP, CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_SETPCAP|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_ADMIN|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_MODULE|CAP_SYS_RAWIO|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_PACCT|CAP_SYS_ADMIN|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TIME|CAP_SYS_TTY_CONFIG|CAP_MKNOD|CAP_LEASE|CAP_AUDIT_WRITE|CAP_AUDIT_CONTROL|CAP_SETFCAP, 0}) = 0 capget(0x20080522, 0, NULL) = -1 EFAULT (Bad address) capset(0x20080522, 0, {CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_SETPCAP|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_ADMIN|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_MODULE|CAP_SYS_RAWIO|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_PACCT|CAP_SYS_ADMIN|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TIME|CAP_SYS_TTY_CONFIG|CAP_MKNOD|CAP_LEASE|CAP_AUDIT_WRITE|CAP_AUDIT_CONTROL|CAP_SETFCAP, CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_SETPCAP|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_ADMIN|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_MODULE|CAP_SYS_RAWIO|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_PACCT|CAP_SYS_ADMIN|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TIME|CAP_SYS_TTY_CONFIG|CAP_MKNOD|CAP_LEASE|CAP_AUDIT_WRITE|CAP_AUDIT_CONTROL|CAP_SETFCAP, 0}) = 0 lstat64("/tmp/prog.x", {st_mode=S_IFREG|0755, st_size=2660914327, ...}) = 0 write(2, "Failed to set capabilities on fi"..., 89Failed to set capabilities on file `/tmp/prog.x' (Value too large for defined data type) ) = 89 write(2, "usage: setcap [-q] [-v] (-r|-|<c"..., 140usage: setcap [-q] [-v] (-r|-|<caps>) <filename> [ ... (-r|-|<capsN>) <filenameN> ]
Note <filename> must be a regular (non-symlink) file. ) = 140 exit_group(1)
Yes, sure.
Also, I am using linux kernel with PAE support, because I have 8Gb of RAM and want it all available on my 32-bit Ubuntu installation:
ii linux-generic-pae 2.6.32.29.35
# strace setcap 'cap_net_ bind_service= +ep' /tmp/prog.x "/sbin/ setcap" , ["setcap", "cap_net_ bind_service= +ep", "/tmp/prog.x"], [/* 30 vars */]) = 0 "/etc/ld. so.nohwcap" , F_OK) = -1 ENOENT (No such file or directory) PROT_WRITE, MAP_PRIVATE| MAP_ANONYMOUS, -1, 0) = 0xb7749000 "/etc/ld. so.preload" , R_OK) = -1 ENOENT (No such file or directory) etc/ld. so.cache" , O_RDONLY) = 3 S_IFREG| 0644, st_size=59373, ...}) = 0 "/etc/ld. so.nohwcap" , F_OK) = -1 ENOENT (No such file or directory) lib/libcap. so.2", O_RDONLY) = 3 1\1\1\0\ 0\0\0\0\ 0\0\0\0\ 3\0\3\0\ 1\0\0\0 \17\0\0004\ 0\0\0". .., 512) = 512 S_IFREG| 0644, st_size=13852, ...}) = 0 PROT_EXEC, MAP_PRIVATE| MAP_DENYWRITE, 3, 0) = 0xb7735000 PROT_WRITE, MAP_PRIVATE| MAP_FIXED| MAP_DENYWRITE, 3, 0x2) = 0xb7738000 "/etc/ld. so.nohwcap" , F_OK) = -1 ENOENT (No such file or directory) lib/tls/ i686/cmov/ libc.so. 6", O_RDONLY) = 3 1\1\1\0\ 0\0\0\0\ 0\0\0\0\ 3\0\3\0\ 1\0\0\0000m\ 1\0004\ 0\0\0". .., 512) = 512 S_IFREG| 0755, st_size=1405508, ...}) = 0 PROT_EXEC, MAP_PRIVATE| MAP_DENYWRITE, 3, 0) = 0xb75db000 0xb772e000, 4096, PROT_NONE) = 0 PROT_WRITE, MAP_PRIVATE| MAP_FIXED| MAP_DENYWRITE, 3, 0x153) = 0xb772f000 PROT_WRITE, MAP_PRIVATE| MAP_FIXED| MAP_ANONYMOUS, -1, 0) = 0xb7732000 "/etc/ld. so.nohwcap" , F_OK) = -1 ENOENT (No such file or directory) lib/libattr. so.1", O_RDONLY) = 3 1\1\1\0\ 0\0\0\0\ 0\0\0\0\ 3\0\3\0\ 1\0\0\0\ 360\r\0\ 0004\0\ 0\0"... , 512) = 512 S_IFREG| 0644, st_size=17860, ...}) = 0 PROT_WRITE, MAP_PRIVATE| MAP_ANONYMOUS, -1, 0) = 0xb75da000 PROT_EXEC, MAP_PRIVATE| MAP_DENYWRITE, 3, 0) = 0xb75d4000 PROT_WRITE, MAP_PRIVATE| MAP_FIXED| MAP_DENYWRITE, 3, 0x3) = 0xb75d8000 PROT_WRITE, MAP_PRIVATE| MAP_ANONYMOUS, -1, 0) = 0xb75d3000 area({entry_ number: -1 -> 6, base_addr: 0xb75d36c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0 0xb75d8000, 4096, PROT_READ) = 0 0xb772f000, 8192, PROT_READ) = 0 0xb7738000, 4096, PROT_READ) = 0 0xb7767000, 4096, PROT_READ) = 0 CAP_DAC_ OVERRIDE| CAP_DAC_ READ_SEARCH| CAP_FOWNER| CAP_FSETID| CAP_KILL| CAP_SETGID| CAP_SETUID| CAP_SETPCAP| CAP_LINUX_ IMMUTABLE| CAP_NET_ BIND_SERVICE| CAP_NET_ BROADCAST| CAP_NET_ ADMIN|CAP_ NET_RAW| CAP_IPC_ LOCK|CAP_ IPC_OWNER| CAP_SYS_ MODULE| CAP_SYS_ RAWIO|CAP_ SYS_CHROOT| CAP_SYS_ PTRACE| CAP_SYS_ PACCT|CAP_ SYS_ADMIN| CAP_SYS_ BOOT|CAP_ SYS_NICE| CAP_SYS_ RESOURCE| CAP_SYS_ TIME|CAP_ SYS_TTY_ CONFIG| CAP_MKNOD| CAP_LEASE| CAP_AUDIT_ WRITE|CAP_ AUDIT_CONTROL| CAP_SETFCAP, CAP_CHOWN| CAP_DAC_ OVERRIDE| CAP_DAC_ READ_SEARCH| CAP_FOWNER| CAP_FSETID| CAP_KILL| CAP_SETGID| CAP_SETUID| CAP_SETPCAP| CAP_LINUX_ IMMUTABLE| CAP_NET_ BIND_SERVICE| CAP_NET_ BROADCAST| CAP_NET_ ADMIN|CAP_ NET_RAW| CAP_IPC_ LOCK|CAP_ IPC_OWNER| CAP_SYS_ MODULE| CAP_SYS_ RAWIO|CAP_ SYS_CHROOT| CAP_SYS_ PTRACE| CAP_SYS_ PACCT|CAP_ SYS_ADMIN| CAP_SYS_ BOOT|CAP_ SYS_NICE| CAP_SYS_ RESOURCE| CAP_SYS_ TIME|CAP_ SYS_TTY_ CONFIG| CAP_MKNOD| CAP_LEASE| CAP_AUDIT_ WRITE|CAP_ AUDIT_CONTROL| CAP_SETFCAP, 0}) = 0 CAP_DAC_ OVERRIDE| CAP_DAC_ READ_SEARCH| CAP_FOWNER| CAP_FSETID| CAP_KILL| CAP_SETGID| CAP_SETUID| CAP_SETPCAP| CAP_LINUX_ IMMUTABLE| CAP_NET_ BIND_SERVICE| CAP_NET_ BROADCAST| CAP_NET_ ADMIN|CAP_ NET_RAW| CAP_IPC_ LOCK|CAP_ IPC_OWNER| CAP_SYS_ MODULE| CAP_SYS_ RAWIO|CAP_ SYS_CHROOT| CAP_SYS_ PTRACE| CAP_SYS_ PACCT|CAP_ SYS_ADMIN| CAP_SYS_ BOOT|CAP_ SYS_NICE| CAP_SYS_ RESOURCE| CAP_SYS_ TIME|CAP_ SYS_TTY_ CONFIG| CAP_MKNOD| CAP_LEASE| CAP_AUDIT_ WRITE|CAP_ AUDIT_CONTROL| CAP_SETFCAP, CAP_CHOWN| CAP_DAC_ OVERRIDE| CAP_DAC_ READ_SEARCH| CAP_FOWNER| CAP_FSETID| CAP_KILL| CAP_SETGID| CAP_SETUID| CAP_SETPCAP| CAP_LINUX_ IMMUTABLE| CAP_NET_ BIND_SERVICE| CAP_NET_ BROADCAST| CAP_NET_ ADMIN|CAP_ NET_RAW| CAP_IPC_ LOCK|CAP_ IPC_OWNER| CAP_SYS_ MODULE| CAP_SYS_ RAWIO|CAP_ SYS_CHROOT| CAP_SYS_ PTRACE| CAP_SYS_ PACCT|CAP_ SYS_ADMIN| CAP_SYS_ BOOT|CAP_ SYS_NICE| CAP_SYS_ RESOURCE| CAP_SYS_ TIME|CAP_ SYS_TTY_ CONFIG| CAP_MKNOD| CAP_LEASE| CAP_AUDIT_ WRITE|CAP_ AUDIT_CONTROL| CAP_SETFCAP, 0}) = 0 "/tmp/prog. x", {st_mode= S_IFREG| 0755, st_size=2660914327, ...}) = 0
execve(
brk(0) = 0x92e3000
access(
mmap2(NULL, 8192, PROT_READ|
access(
open("/
fstat64(3, {st_mode=
mmap2(NULL, 59373, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb773a000
close(3) = 0
access(
open("/
read(3, "\177ELF\
fstat64(3, {st_mode=
mmap2(NULL, 16688, PROT_READ|
mmap2(0xb7738000, 8192, PROT_READ|
close(3) = 0
access(
open("/
read(3, "\177ELF\
fstat64(3, {st_mode=
mmap2(NULL, 1415592, PROT_READ|
mprotect(
mmap2(0xb772f000, 12288, PROT_READ|
mmap2(0xb7732000, 10664, PROT_READ|
close(3) = 0
access(
open("/
read(3, "\177ELF\
fstat64(3, {st_mode=
mmap2(NULL, 4096, PROT_READ|
mmap2(NULL, 20588, PROT_READ|
mmap2(0xb75d8000, 8192, PROT_READ|
close(3) = 0
mmap2(NULL, 4096, PROT_READ|
set_thread_
mprotect(
mprotect(
mprotect(
mprotect(0x804a000, 4096, PROT_READ) = 0
mprotect(
munmap(0xb773a000, 59373) = 0
brk(0) = 0x92e3000
brk(0x9304000) = 0x9304000
capget(0x20080522, 0, NULL) = -1 EFAULT (Bad address)
capget(0x20080522, 0, {CAP_CHOWN|
capget(0x20080522, 0, NULL) = -1 EFAULT (Bad address)
capset(0x20080522, 0, {CAP_CHOWN|
lstat64(
write(2, "Failed to set capabilities on fi"..., 89Failed to set capabilities on file `/tmp/prog.x' (Value too large for defined data type)
) = 89
write(2, "usage: setcap [-q] [-v] (-r|-|<c"..., 140usage: setcap [-q] [-v] (-r|-|<caps>) <filename> [ ... (-r|-|<capsN>) <filenameN> ]
Note <filename> must be a regular (non-symlink) file.
) = 140
exit_group(1)