Andrei Dziahel
2014-01-28 17:18:12 UTC
Hello list,
I'm Ubuntu fugitive and frequent user of mtr utility
(https://build.opensuse.org/package/show/network:utilities/mtr). In
ubuntu mtr could be run by restricted user, but not in OpenSUSE,
complaining with "unable to get raw sockets" message.
By adding cap_net_raw capability to /usr/sbin/mtr with
removing suid bit and making all users run it with
I'm almost sure that capabilities cannot be transferred across rpm
which means I should add libcap-progs as a runtime dependency, and
update permissions/add capability during package installation. Am I
right?
Thanks in advance.
I'm Ubuntu fugitive and frequent user of mtr utility
(https://build.opensuse.org/package/show/network:utilities/mtr). In
ubuntu mtr could be run by restricted user, but not in OpenSUSE,
complaining with "unable to get raw sockets" message.
By adding cap_net_raw capability to /usr/sbin/mtr with
sudo /sbin/setcap cap_net_raw+ep /usr/sbin/mtr
(found in libcap-progs package) and then fixing permissions byremoving suid bit and making all users run it with
sudo chmod -s+rx /usr/sbin/mtr
I've managed to successfully run mtr as unprivileged user.I'm almost sure that capabilities cannot be transferred across rpm
which means I should add libcap-progs as a runtime dependency, and
update permissions/add capability during package installation. Am I
right?
Thanks in advance.
--
Regards,
Andrei Dziahel
--
To unsubscribe, e-mail: opensuse-packaging+***@opensuse.org
To contact the owner, e-mail: opensuse-packaging+***@opensuse.org
Regards,
Andrei Dziahel
--
To unsubscribe, e-mail: opensuse-packaging+***@opensuse.org
To contact the owner, e-mail: opensuse-packaging+***@opensuse.org