Comment 5 for bug 436977

Kees Cook (kees) wrote:

For 1, 2, 3: the general categories seem to be:
 a) libvirt (can't these operations be done with euca in the libvirt group?)
 b) vlan, bridge, ip configurations: CAP_NET_ADMIN + CAP_NET_RAW should be sufficient for these commands.
 c) LVM: CAP_SYS_ADMIN should be sufficient.
 d) dd: why does this need root privs?

Is the AOE manager used?
 e) process management: should use some kind of sanity-wrapper with CAP_KILL (is this really needed? kill -9 is pretty harsh)
 f) module loading: should be done via packaging not via call-outs to modprobe (also note CAP_SYS_MODULE)

Having the wrapper select caps based on the path of the command seems like a starting point. Getting rid of needless wrapper calls would be nice too: "which", "cat", "dd"...
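A defender-side sketch of the path-keyed capability policy the comment proposes, added here as an illustration and not code from this bug, from Eucalyptus or from Kees. The allowlist paths, the policy table and the CapEff masks are constructed examples; the bit numbers come from linux/capability.h.

```python
import os

# Capability bit positions from linux/capability.h (constants, not constructed).
CAP_BITS = {
    "CAP_KILL": 5,
    "CAP_NET_ADMIN": 12,
    "CAP_NET_RAW": 13,
    "CAP_SYS_MODULE": 16,
    "CAP_SYS_ADMIN": 21,
}

# Constructed allowlist: command path -> the capability set suggested in the
# comment for that class of command. Anything not listed (which, cat, dd, ...)
# is refused rather than run with a privilege set.
POLICY = {
    "/sbin/vconfig": {"CAP_NET_ADMIN", "CAP_NET_RAW"},
    "/usr/sbin/brctl": {"CAP_NET_ADMIN", "CAP_NET_RAW"},
    "/sbin/ip": {"CAP_NET_ADMIN", "CAP_NET_RAW"},
    "/sbin/lvcreate": {"CAP_SYS_ADMIN"},
    "/sbin/lvremove": {"CAP_SYS_ADMIN"},
    "/bin/kill": {"CAP_KILL"},
}


def caps_for(command):
    """Capability set for a command path, or None if it is not allowlisted."""
    return POLICY.get(os.path.normpath(command))


def decode_capset(hex_mask):
    """Decode a CapEff/CapPrm hex mask as printed in /proc/<pid>/status."""
    mask = int(hex_mask, 16)
    return {name for name, bit in CAP_BITS.items() if (mask >> bit) & 1}


def minimal_mask(command):
    """Hex mask a wrapper would retain for this command; every other bit is dropped."""
    needed = caps_for(command)
    if needed is None:
        raise PermissionError(f"{command} is not in the wrapper allowlist")
    mask = 0
    for name in needed:
        mask |= 1 << CAP_BITS[name]
    return f"{mask:016x}"


def missing_caps(hex_mask, command):
    """Caps the policy requires for command that the given effective set lacks."""
    needed = caps_for(command)
    if needed is None:
        raise PermissionError(f"{command} is not in the wrapper allowlist")
    return needed - decode_capset(hex_mask)
```

Reading `CapEff:` from `/proc/self/status` and passing its value to `missing_caps` tells the wrapper, before exec, whether it can even hand the command its minimal set.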