dgr fails to start even though setuid bit is set

[svvac]

I installed dgr with exec permissions restricted to a dedicated group and set the setuid bit on the binary, hoping this would spare me the sudo stuff. Even though, dgr fails complaining about needing root.

$ file /usr/bin/dgr
/usr/bin/dgr: setuid ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, no section header

$ ls -al /usr/bin/dgr
-rwsr-xr-- 1 root dgr 21M Nov 27 19:57 /usr/bin/dgr*

[PaulGrandperrin]

I don't see any reference to setuid() or geteuid() in the source code, so I guess that's normal that it doesn't work ;-)
It could be added easily through...

[svvac]

Right. If changes are involved, might as well do this the proper way and check for actually required capabilities to run the tool instead of just checking uid=0?

[PaulGrandperrin]

I'm not sure it would be worth the effort to find and check individually for all the required capabilities when most users will just run it as root anyway.
Do you have a specific use case in mind?

[svvac]

Well, production use with locked-down permissions. I guest the target is more disposable VM build hosts than uid-namespaced containers?