diff --git a/daemon/cap.c b/daemon/cap.c
index d1f03989b..1d732c584 100644
--- a/daemon/cap.c
+++ b/daemon/cap.c
@@ -48,6 +48,18 @@ do_cap_get_file (const char *path)
   CHROOT_OUT;
 
   if (cap == NULL) {
+    /* The getcap utility (part of libcap) ignores ENODATA.  It just
+     * means there is no capability attached to the file (RHBZ#989356).
+     */
+    if (errno == ENODATA) {
+      ret = strdup ("");
+      if (ret == NULL) {
+        reply_with_perror ("strdup");
+        return NULL;
+      }
+      return ret;
+    }
+
     reply_with_perror ("%s", path);
     return NULL;
   }
diff --git a/generator/actions.ml b/generator/actions.ml
index ff0084bc0..17375e48b 100644
--- a/generator/actions.ml
+++ b/generator/actions.ml
@@ -10985,7 +10985,9 @@ attached to directory C<dir>." };
     shortdesc = "get the Linux capabilities attached to a file";
     longdesc = "\
 This function returns the Linux capabilities attached to C<path>.
-The capabilities set is returned in text form (see L<cap_to_text(3)>)." };
+The capabilities set is returned in text form (see L<cap_to_text(3)>).
+
+If no capabilities are attached to a file, an empty string is returned." };
 
   { defaults with
     name = "cap_set_file";