Just skimmed through strace.log: /usr/bin/wine doesn't bind to the socket itself. It executes other binaries. One of the binaries does the binding. Permitted capabilities are not applied to such "sub" processes. (They would survive a clone or fork.) But, capabilities with the inheritable flag are.
You could do: a) set the inheritable flag for the capability, so it would be applied for "sub" processes or b) set the permitted capability on the binary actually binding to the socket (Which should be /usr/bin/wine-preloader, if I've read the log correctly.) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/695581 Title: setcap does not provide WINE access to port < 1024 for Hotspot Shield To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libcap2/+bug/695581/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
