Re: bin/48005 (tcpdump: option -C broken)

To: gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost,joern.clausen%uni-bielefeld.de@localhost
Subject: Re: bin/48005 (tcpdump: option -C broken)
From: "David H. Gutteridge" <dhgutteridge%sympatico.ca@localhost>
Date: Wed, 22 Feb 2017 05:45:00 +0000 (UTC)

The following reply was made to PR bin/48005; it has been noted by GNATS.

From: "David H. Gutteridge" <dhgutteridge%sympatico.ca@localhost>
To: gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: bin/48005 (tcpdump: option -C broken)
Date: Wed, 22 Feb 2017 00:40:27 -0500

 The reason option -C isn't working for you as you'd expect is because
 NetBSD's tcpdump drops privileges and runs chrooted as _tcpdump. So
 after the first output file has been opened, the process no longer has
 the access permissions to open further files.

 That's noted in the man page under the -Z option, though it's actually
 a bit misleading, since the man page first states that privileges are
 dropped before opening any output files, but that's not the case for
 NetBSD. By default you'll end up with the first output file, and then
 output will stop once that file's full, as you've found.

 To work around that, you can run tcpdump with "-Z root", which I just
 tested, and indeed it writes further output files. Though what
 happened for me was it wrote the first file where I specified, and
 then the rest under /var/chroot/tcpdump, since it ends up running in
 the chroot, but with root privileges.

 Dave

Follow-Ups:
- Re: bin/48005 (tcpdump: option -C broken)
  - From: Jörn Clausen

Prev by Date: Re: bin/50934 (pkill/pgrep segfaults in some cases)
Next by Date: port-evbarm/51990: Regression data_abort_handler: data_aborts fsr=0x406 far=0xbfffeff5 on copyout in init
Previous by Thread: PR/51989 CVS commit: src/share/man/man9
Next by Thread: Re: bin/48005 (tcpdump: option -C broken)
Indexes:

Home | Main Index | Thread Index | Old Index