It's considered really bad practice running a daemon with more privileges than the needed ones. Heimdal's daemons shouldn't at least when capabilities are available run as root. Reproducible: Always Steps to Reproduce: 1. USE="caps" emerge heimdal 2. ls -ld /var/heimdal (or similar) Actual Results: drwxr-xr-x 1 root root 50 30 maj 21.14 /var/heimdal/ Expected Results: drwxr-x--- 1 heimdal heimdal 50 30 maj 21.14 /var/heimdal/ Just an example the init.d files also need being changed.