Description of problem: man setcap should be improved. It needs: * explanation and examples of both adding and removing capabilities * guidance about how to set the capabilities so that they are not passed to child processes * big warning about inheritance * mention that chown removes capabilities * mention how mount suid/nosuid affects capabilities
* Describe setcap options (-q, -r #454438).
I've left this open with the intention of fixing it when I have some spare time. It doesn't look like that will happen anytime soon, sorry.