I am in a difficult situation where I don't know what linux capabilities a process requires to work. What is the best way, or any way to find out what cap is required?
The only thing I can think of right now is using capsh and drop all caps on a process. The process then fails and I start to add caps (by removing --drop=CAP_XZY) until it works.
Any better suggestions?
See Question&Answers more detail:os