From 257ae828c7c4130cf22de03394db416ac90134bf Mon Sep 17 00:00:00 2001
From: Olli Janatuinen <olli.janatuinen@gmail.com>
Date: Tue, 18 Nov 2025 09:03:02 +0000
Subject: [PATCH] fix: non-root listen port < 1024

---
 Dockerfile | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 09b9403..faf97d5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -2,8 +2,12 @@ FROM ubuntu:latest
 # liz rice knows best
 # https://medium.com/@lizrice/non-privileged-containers-based-on-the-scratch-image-a80105d6d341
 RUN useradd -u 10001 scratchuser
-FROM scratch
+RUN apt-get update \
+    && apt-get install -y libcap2-bin
 COPY nacp /nacp
+RUN setcap cap_net_bind_service=+ep /nacp
+FROM scratch
+COPY --from=0 /nacp /nacp
 COPY --from=0 /etc/passwd /etc/passwd
 USER scratchuser
 ENTRYPOINT ["/nacp"]