Setcap (libcap) - Failed to set capabilities on file: Not supported


i have a x86-64 custom build that needs 'setcap'.

Any idea why it throws 'not supported'?

OpenWrt SNAPSHOT, r22454-9186da4027
Linux OpenWrt 5.15.104 #0 SMP Wed Mar 29 17:36:33 2023 x86_64 GNU/Linux

# setcap cap_sys_nice=eip /bin/chrt
Failed to set capabilities on file '/bin/chrt': Not supported

Kconfig includes:


Filesystem (ext4):

# tune2fs -l /dev/vda2 |grep -A2 "Filesystem features:"
Filesystem features:      has_journal ext_attr resize_inode dir_index orphan_file filetype needs_recovery extent 64bit flex_bg metadata_csum_seed sparse_super large_file huge_file dir_nlink extra_isize metadata_csum orphan_present
Filesystem flags:         signed_directory_hash 
Default mount options:    journal_data_writeback user_xattr acl
1 Like

CONFIG_KERNEL_EXT4_FS_SECURITY=y is needed for setcap/setxattr "security.capability" namespace prefix.

strace shows:
setxattr("/bin/chrt", "security.capability", "\1\0\0\2\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0", 20, 0) = -1 EOPNOTSUPP (Not supported)

setxattr(2) says:

       The namespace prefix of name is not valid.

       Extended attributes are not supported by the filesystem,
       or are disabled

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.