Re: How to debug program that has linux Capabilities
> Create a hello world binary.
> Give it linux capabilities e.g. with setcap command.
> valgrind the binary with caps.
> It will fail.:
> Afair I tried also giving SUID flags, and all CAPs to valgrind* and it's /lib/ binaries and all, but nothing worked.
The capabilities are attached to the process by the Linux kernel
from the file in the filesystem when the kernel performs the
syscall execve(filename,,). Neither valgrind nor its tools
If a capability is inheritable, then attaching it to the filename
of some valgrind execve() in the dynamic chain of execve()s (see
"strace -e trace=execve valgrind ...") should work.
Otherwise, investigate prctl(PR_CAP_AMBIENT_RAISE,) etc.
Logically you want valgrind to prctl(PR_CAP_SET_ATTACH,)
but that apparently does not exist.