tcpdump mailing list archives
Re: Capturing without having superuser rights
From: Gerald Combs <gerald () wireshark org>
Date: Wed, 15 Oct 2008 07:40:07 -0700
Under Linux you can use POSIX capabilities to capture as non-root. CAP_NET_RAW lets you capture, and CAP_NET_ADMIN lets you use promiscuous mode. Damien ANCELIN wrote:
To give you more informations : - "metrology platform" will be a computer that can be used by many users to capture packets (coming from a mirroring port of a switch). - It's currently running on an linux debian. It seems there is no common manner to do this in a simple way (I will have a look on that kernel patch). Thanks for your help Damien sthaug () nethelp no a écrit :As I'm developping on libpcap to provide a metrology plateform, I was wondering if there is a manner to enable a specific user (or a specific group) to capture from a network interfaces (even in promiscuous mode), without using sudo. I'm trying to do this with udev, but I'm not shure it can works. Does anybody have an idea ?Depends on the platform you are on. On FreeBSD all you need is read write permission to the /dev/bpf* devices.And for *capturing* you really only need read permission. Steinar Haug, Nethelp consulting, sthaug () nethelp no - This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
- This is the tcpdump-workers list. Visit https://cod.sandelman.ca/ to unsubscribe.
Current thread:
- Capturing without having superuser rights Damien ANCELIN (Oct 14)
- Re: Capturing without having superuser rights Max Laier (Oct 14)
- Re: Capturing without having superuser rights Robin Sommer (Oct 14)
- Re: Capturing without having superuser rights sthaug (Oct 14)
- Re: Capturing without having superuser rights Damien ANCELIN (Oct 15)
- Re: Capturing without having superuser rights Gerald Combs (Oct 15)
- Re: Capturing without having superuser rights Damien ANCELIN (Oct 15)
- Re: Capturing without having superuser rights Max Laier (Oct 14)
- Re: Capturing without having superuser rights Guy Harris (Oct 15)
- Re: Capturing without having superuser rights Jesse Kempf (Oct 15)