Regular user cannot run "ip" commands with setcap - Red Hat Customer Portal

Issue

Regular user cannot run "ip" commands with setcap
We set Linux capabilites with setcap cap_net_admin,cap_net_raw=eip /usr/sbin/ip so that regular unprivileged users can run ip commands. This used to work with iproute-5.12.0-4.el8 but does not work anymore.
The ip command as normal user fails with RTNETLINK answers: Operation not permitted

Environment

Red Hat Enterprise Linux 8
iproute-5.15.0-4.el8
iproute-5.18.0-1.1.el8_8
Capabilities NET_ADMIN on ip binary

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content

Quick Links

Help

Site Info

Related Sites

Copyright © 2026 Red Hat

Here are the common uses of Markdown.

Code blocks

~~~
Code surrounded in tildes is easier to read
~~~

Links/URLs

[Red Hat Customer Portal](https://access.redhat.com)