Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED] Tcpdump -w permission denied
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Unsupported Software
View previous topic :: View next topic  
Author Message
ats2
Apprentice
Apprentice


Joined: 22 Apr 2005
Posts: 297

PostPosted: Mon Jun 17, 2013 4:08 pm    Post subject: [SOLVED] Tcpdump -w permission denied Reply with quote

Hi all,

I have a strange behaviour with tcpdump on a gentoo box.

Code:
tcpdump -i eth0 -s0 -w /TMP/mydump.pcap


gives me permission denied. When I run it with strace, I get at the end:


Code:
fcntl64(3, F_GETFL)                     = 0x2 (flags O_RDWR)
fcntl64(3, F_SETFL, O_RDWR|O_NONBLOCK)  = 0
recv(3, 0x3fa4806f, 1, MSG_TRUNC)       = -1 EAGAIN (Resource temporarily unavailable)
fcntl64(3, F_SETFL, O_RDWR)             = 0
setsockopt(3, SOL_SOCKET, SO_ATTACH_FILTER, "\1\0\0\0HE\34\10", 8) = 0
open("/TMP/mydump.pcap", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = -1 EACCES (Permission denied)
write(2, "tcpdump: ", 9tcpdump: )                = 9
write(2, "/TMP/mydump.pcap: Pe"..., 47/TMP/mydump.pcap: Permission denied) = 47
write(2, "\n", 1
)                       = 1
exit_group(1)                           = ?
+++ exited with 1 +++



The /TMP directory is owned by tcpdump and is writable...

Would you have any idea on how to solve this ?

Thanks. :)


Last edited by ats2 on Mon Jun 17, 2013 8:23 pm; edited 1 time in total
Back to top
View user's profile Send private message
mike155
Advocate
Advocate


Joined: 17 Sep 2010
Posts: 4438
Location: Frankfurt, Germany

PostPosted: Mon Jun 17, 2013 5:07 pm    Post subject: Reply with quote

Which USE flags does your tcpdump package have? chroot? suid?

Do you start tcpdump from 'root' or from a non-privileged user?
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 54122
Location: 56N 3W

PostPosted: Mon Jun 17, 2013 6:55 pm    Post subject: Reply with quote

ats2,

tcpdump usually puts the interface into promiscious mode. That requires root privs.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
ats2
Apprentice
Apprentice


Joined: 22 Apr 2005
Posts: 297

PostPosted: Mon Jun 17, 2013 8:23 pm    Post subject: Reply with quote

Thanks guys, found it: it was compiled with chroot use flag. recompiling it without solved the problem.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Unsupported Software All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum