Bind a non-root service to an Internet domain privileged port (sub-1024) in Linux

The OCD person within me likes having web interfaces on port 80, so you don't have to have annoying port numbers at the end of URL's. To do this in Linux, the application needs to be either running as root, or the permission to do so needs to be granted explicitly to it. This is because ports below 1024 are privileged ports. So, to get your service on the 80 port, the binary needs to be granted the CAPNETBIND_SERVICE privilege.

To grant this privilege, you run the setcap command in the below format:

setcap 'cap_net_bind_service=+ep' /path/to/program

For example, to run the XBMC web interface on port 80, you run the below command:

setcap 'cap_net_bind_service=+ep' /usr/bin/xbmc

Credit to Paul Tomblin on ServerFault for this solution.