tcpdump mailing list archives

Previous By Date Next
Previous By Thread Next

-G and -C options

From: Michal Ruprich <michalruprich () gmail com>
Date: Mon, 16 Sep 2019 13:07:35 +0200
Hi,

with -C option, the manpage says "Note that when used with -Z option
(enabled by default), privilegesĀ  areĀ  droppedĀ  before opening first
savefile." So when I run tcpdump as root like this:

# tcpdump -n -i eth0 -s 0 -C 3 -w /opt/tcpdump%F--%T.pcap

I immediately get 'Permission' denied error - as expected.

Now with -G, I think that the behavior should be similar but tcpdump
drops root privileges after creating the first file:

# tcpdump -n -i eth0 -s 0 -G 3 -w /opt/tcpdump%F--%T.pcap

tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size
262144 bytes
tcpdump: /opt/tcpdump2019-09-16--07:03:32.pcap: Permission denied

# ls /opt

tcpdump2019-09-16--07:03:29.pcap

So with -G I get just the first file created. -C and -G have a very
similar rotation logic so perhaps the behavior should be similar as
well? Or at least this could be mentioned in the manpage under -G - the
fact that at least one file will be created.


Thanks for any comments about this.

Michal Ruprich


_______________________________________________
tcpdump-workers mailing list
tcpdump-workers () lists tcpdump org
https://lists.sandelman.ca/mailman/listinfo/tcpdump-workers
Previous By Date Next
Previous By Thread Next

Current thread: