Re: Error socket: Operation not permitted

["Steve Bonds" <pow7yec02 () sneakemail com>]

Yes, you have to be root.

Or, to quote the fine man page (note the "Under Linux" section):

-----
DESCRIPTION
       Tcpdump prints out the headers of  packets  on  a  network
       interface that match the boolean expression.

       Under  SunOS with nit or bpf: To run tcpdump you must have
       read access to /dev/nit or /dev/bpf*.  Under Solaris  with
       dlpi:  You  must  have  read/write  access  to the network
       pseudo device, e.g.  /dev/le.  Under HP-UX with dlpi:  You
       must  be  root  or  it  must  be installed setuid to root.
       Under IRIX with snoop: You must be  root  or  it  must  be
       installed  setuid  to root.  Under Linux: You must be root
       or it must be installed setuid to root.  Under Ultrix  and
       Digital UNIX: Once the super-user has enabled promiscuous-
       mode operation using pfconfig(8), any user  may  run  tcp-
       dump.   Under BSD: You must have read access to /dev/bpf*.
-----

  -- Steve

On Wed, 26 Feb 2003, Jeff Wong jwong-at-high-tower.com |TCPdump Workers| wrote:

> Hello,
> I am running on a linux system.
> I am trying to execute the command pcap_open_live and I'm getting the
> error socket: Operation not permitted in my errorbuffer.
> I am running as a regular user and I'm not sure if I have to be root
> instead.


-
This is the TCPDUMP workers list. It is archived at
http://www.tcpdump.org/lists/workers/index.html
To unsubscribe use mailto:tcpdump-workers-request () tcpdump org?body=unsubscribe