Setcap followed by chown removes capabilities

$ setcap 'cap_net_bind_service=+ep' cells
$ chown pydio.pydio cells
$ ss -ntlp -f inet '( sport = :443 )' | grep ^LISTEN # no output
$ sudo -u pydio -g pydio cells start --log debug

ERROR: Cannot bind to port 443.

Reason: chown (after setcap) removes preexisting capabilities.
I thought I’d mention that here.
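
The ordering issue reported above, as an added example that is not part of the original post or of the Pydio project: chown makes the kernel drop the file's security.capability attribute, so this script changes ownership first, sets the capability last, and confirms the result with getcap. The function names, the `pydio:pydio` owner syntax in the usage comment and the handling of both getcap output styles are assumptions of the example.

```shell
#!/bin/sh
# Added example, not from the thread. Assumed usage (as root):
#   sh install_cap.sh ./cells pydio:pydio cap_net_bind_service

# file_has_cap GETCAP_LINE PATH CAP
# Succeeds if CAP is both effective (e) and permitted (p) in one line of
# `getcap PATH` output. Both output styles are accepted:
#   older libcap:  "cells = cap_net_bind_service+ep"
#   newer libcap:  "cells cap_net_bind_service=ep"
file_has_cap() {
    fhc_rest=${1#"$2"}                  # drop the leading file name
    for fhc_word in $fhc_rest; do
        case $fhc_word in
            *[+=]*) ;;                  # looks like "names+flags" or "names=flags"
            *) continue ;;
        esac
        fhc_names=",${fhc_word%[+=]*}," # comma-delimited capability names
        fhc_flags=${fhc_word##*[+=]}    # flag letters: e, i, p
        case $fhc_names in
            *",$3,"*) ;;
            *) continue ;;
        esac
        case $fhc_flags in
            *e*p*|*p*e*) return 0 ;;
        esac
    done
    return 1                            # empty output or capability missing
}

# install_with_cap PATH OWNER CAP
# Ownership first, capability last: a chown after setcap strips it again.
install_with_cap() {
    chown "$2" "$1" || return 1
    setcap "$3=+ep" "$1" || return 1
    if file_has_cap "$(getcap "$1")" "$1" "$3"; then
        echo "ok: $1 carries $3"
    else
        echo "error: $3 is not set on $1" >&2
        return 1
    fi
}

# Run only when called with the three arguments shown above.
if [ "$#" -eq 3 ]; then
    install_with_cap "$@"
fi
```

The same `file_has_cap` check can be run on its own after any step that rewrites, replaces or re-owns the binary, since each of those can leave it without the capability.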

Hello @drzraf,

Thank you for the hint. Indeed, if you alter the binary after you have modified the capabilities, it seems that they are removed and need to be set back.

If you are using Cells with systemd, it is easier and advised to set the following directive in the .service file: AmbientCapabilities=CAP_NET_BIND_SERVICE.