No hay mucho que decir sobre el principio de capacidad, el puerto 80 se puede ocupar usando cap_net_bind_service. Los resultados de la prueba son los siguientes
[xiehq@140 nginx]$ ps -ef|grep nginx;getcap sbin/nginx
xiehq 59599 59325 0 01:32 pts/1 00:00:00 grep --color=auto nginx
sbin/nginx = cap_net_bind_service+eip
[xiehq@140 nginx]$ sbin/nginx -p /home/xiehq/nginx
[xiehq@140 nginx]$ curl localhost
<!DOCTYPE html>
<html>
<head>
<title>Welcome to nginx!</title>
<style>
body {
width: 35em;
margin: 0 auto;
font-family: Tahoma, Verdana, Arial, sans-serif;
}
</style>
</head>
<body>
<h1>Welcome to nginx!</h1>
<p>If you see this page, the nginx web server is successfully installed and
working. Further configuration is required.</p>
<p>For online documentation and support please refer to
<a href="http://nginx.org/">nginx.org</a>.<br/>
Commercial support is available at
<a href="http://nginx.com/">nginx.com</a>.</p>
<p><em>Thank you for using nginx.</em></p>
</body>
</html>
[root@140 ~]# netstat -anlp|grep LISTEN|grep 80
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 59604/nginx: master
unix 2 [ ACC ] STREAM LISTENING 68735 20074/containerd-sh @/containerd-shim/moby/0de0c27b3c769f076bd10337c329aabb92809904f5d413a9575b587275ce2804/shim.sock
unix 2 [ ACC ] STREAM LISTENING 57680 9162/dockerd /var/run/docker/libnetwork/ce3bdb67a0ea.sock
unix 2 [ ACC ] STREAM LISTENING 53080 9426/master private/bounce
[xiehq@140 nginx]$ ps -ef|grep nginx
xiehq 59604 1 0 01:32 ? 00:00:00 nginx: master process sbin/nginx -p /home/xiehq/nginx
xiehq 59605 59604 0 01:32 ? 00:00:00 nginx: worker process
xiehq 59619 59325 0 01:33 pts/1 00:00:00 grep --color=auto nginx