To configure the features, there is a macro spec file, %caps ; for some reason this seems to be mostly described in the release notes and changes, so it took me a while to find it.
It is used in this file:
%caps(cap_net_admin=pe) %{_sbindir}/foobar
To use make install to use setcap only when calling root, you can do something like this:
@if test `id -u` -eq 0; then \ setcap cap_net_admin=pe $(DEST_SBINDIR)/foobar ; \ fi