NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: bin/48005 (tcpdump: option -C broken)

The following reply was made to PR bin/48005; it has been noted by GNATS.

From: "David H. Gutteridge" <>
Subject: Re: bin/48005 (tcpdump: option -C broken)
Date: Wed, 22 Feb 2017 00:40:27 -0500

 The reason option -C isn't working for you as you'd expect is because
 NetBSD's tcpdump drops privileges and runs chrooted as _tcpdump. So
 after the first output file has been opened, the process no longer has
 the access permissions to open further files.
 That's noted in the man page under the -Z option, though it's actually
 a bit misleading, since the man page first states that privileges are
 dropped before opening any output files, but that's not the case for
 NetBSD. By default you'll end up with the first output file, and then
 output will stop once that file's full, as you've found.
 To work around that, you can run tcpdump with "-Z root", which I just
 tested, and indeed it writes further output files. Though what
 happened for me was it wrote the first file where I specified, and
 then the rest under /var/chroot/tcpdump, since it ends up running in
 the chroot, but with root privileges.

Home | Main Index | Thread Index | Old Index