Not needing root to administer Linux - the home of libcap
This site is devoted to announcing new versions of libcap (both C and Go implementations), and sharing information about using Linux Capabilities -- an alternative to the superuser model of privilege under Linux.
You can read about Linux Capabilities in this OLS paper.
Serge wrote a related article for Linux Journal.
You can download libcap(2) in the following ways:
We also provide a helper library for supporting POSIX semantics when libcap is used in threaded applications (linked against libpthread): libpsx.
This library can be used to support POSIX semantics for system calls not supported by the standard C libraries.
Some Go walk-through examples for manipulating privilege under Linux.
Feature requests and known issues are tracked here.
The Linux capability implementation is based on a defunct draft POSIX.1e specification for various UN*X security extensions
The SPDX-License-Identifier for libcap, libpsx, the cap and psx Go packages are all the same: "BSD-3-Clause OR GPL-2.0-only" . Note, pam_cap.so has its own license.