[M95D]

And why does it have to be that complicated? Why can't we just

  echo "CAP_KILL CAP_SYS_NICE /usr/bin/htop" >> /proc/sys/kernel/some_file
  echo "CAP_FOWNER CAP_CHOWN /usr/bin/mc" >> /proc/sys/kernel/some_file

or simply

  cp /etc/caps /proc/sys/kernel/caps

to apply all of them at once?