Bug#1055257: tcpdump fails to change ownership of savefile if built with libcap-ng

2023-12-18 Thread Romain Francoise
Hi,

On Thu, Nov 2, 2023 at 11:21 PM Alex Kompel wrote:
> If the binary is built with libcap-ng, tcpdump fails with "Couldn't change 
> ownership of savefile". If HAVE_LIBCAP_NG is defined, chown is called after 
> CAP_CHOWN capability is dropped.
> I believe this is caused by the recent patch introduced as part of 
> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935112 : 
> https://salsa.debian.org/rfrancoise/tcpdump/-/blob/master/debian/patches/drop-privs-after-opening-savefile.diff

Can you tell me more about the use case for building with libcap-ng?

(For the record, the patch referenced above was introduced in 2019,
it's not recent.)

-- 
Romain Francoise 
https://people.debian.org/~rfrancoise/
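
The ordering problem described in the quoted report (chown called after CAP_CHOWN has been dropped), as an added example that is not tcpdump's code or the Debian patch. It uses raw capget/capset syscalls instead of libcap-ng; `chown_savefile`, the `/tmp` path and the target uid are assumptions made for the demonstration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <linux/capability.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Fetch this thread's capability sets with the raw capget(2) syscall. */
static int caps_get(struct __user_cap_data_struct d[2]) {
    struct __user_cap_header_struct h = { _LINUX_CAPABILITY_VERSION_3, 0 };
    return (int)syscall(SYS_capget, &h, d);
}

/* 1 if CAP_CHOWN is effective, 0 if not, -1 on error. */
int has_cap_chown(void) {
    struct __user_cap_data_struct d[2];
    return caps_get(d) != 0 ? -1 : (int)((d[0].effective >> CAP_CHOWN) & 1);
}

/* Clear CAP_CHOWN from the effective and permitted sets (needs no privilege). */
int drop_cap_chown(void) {
    struct __user_cap_header_struct h = { _LINUX_CAPABILITY_VERSION_3, 0 };
    struct __user_cap_data_struct d[2];
    if (caps_get(d) != 0) return -1;
    d[0].effective &= ~(1u << CAP_CHOWN);
    d[0].permitted &= ~(1u << CAP_CHOWN);
    return (int)syscall(SYS_capset, &h, d);
}

/* Create the savefile and chown it to uid, dropping CAP_CHOWN before
 * (drop_first=1) or after (drop_first=0) the chown. Returns chown()'s result. */
int chown_savefile(const char *path, uid_t uid, int drop_first) {
    unlink(path);                          /* start from a file we create */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return -1;
    close(fd);
    if (drop_first && drop_cap_chown() != 0) return -1;
    int rc = chown(path, uid, (gid_t)-1);  /* EPERM once CAP_CHOWN is gone */
    if (!drop_first) drop_cap_chown();     /* working order: chown, then drop */
    return rc;
}

int main(void) {
    const char *path = "/tmp/capdemo.pcap";   /* constructed path */
    uid_t other = getuid() == 1 ? 2 : 1;      /* any uid that is not ours */
    int a = chown_savefile(path, other, 0), b = chown_savefile(path, other, 1);
    printf("chown then drop: %d, drop then chown: %d\n", a, b);
    unlink(path);
    return 0;
}
```

Run as root, the first call succeeds and the second fails; run unprivileged, both fail because the process never held CAP_CHOWN.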



Bug#1055257: tcpdump fails to change ownership of savefile if built with libcap-ng

2023-11-02 Thread Alex Kompel
Package: tcpdump
Version: 4.99.3-1

If the binary is built with libcap-ng, tcpdump fails with "Couldn't change 
ownership of savefile". If HAVE_LIBCAP_NG is defined, chown is called after 
CAP_CHOWN capability is dropped.
I believe this is caused by the recent patch introduced as part of 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935112 : 
https://salsa.debian.org/rfrancoise/tcpdump/-/blob/master/debian/patches/drop-privs-after-opening-savefile.diff

dget http://deb.debian.org/debian/pool/main/t/tcpdump/tcpdump_4.99.3-1.dsc
sudo apt install libcap-ng-dev
cd tcpdump-4.99.3
debian/rules build

Test:
sudo strace -e "capset,capget,chown" /home/ubuntu/c/tcpdump-4.99.3/tcpdump -w /tmp/test.pcap

capget({version=0 /* _LINUX_CAPABILITY_VERSION_??? */, pid=0}, NULL) = 0
capget({version=_LINUX_CAPABILITY_VERSION_3, pid=18467}, 
{effective=1<