Alex B Alex B - 6 months ago 31
Linux Question

Is it possible to configure Linux capabilities per user?

There appears to be support for fine-grained capabilities in Linux kernel, which allows granting privileges to a process to do things like, for example, opening raw sockets or raising thread priority without granting the process root privileges.

However what I'd like to know if there is a way to grant per-user capabilities. That is, allow non-root and non-suid processes to acquire those capabilities.

Answer

There's limits.conf, it is possible to restrict some resources for a user or a group through it.

Check out man limits.conf