Bug#1055257: tcpdump fails to change ownership of savefile if built with libcap-ng
Hi, On Thu, Nov 2, 2023 at 11:21 PM Alex Kompel wrote: > If the binary is built with lipcap-ng, tcpdump fails with "Couldn't change > ownership of savefile". If HAVE_LIBCAP_NG is defined, chown is called after > CAP_CHOWN capability is dropped. > I believe this is caused by the recent patch introduced as part of > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935112 : > https://salsa.debian.org/rfrancoise/tcpdump/-/blob/master/debian/patches/drop-privs-after-opening-savefile.diff Can you tell me more about the use case for building with libcap-ng? (For the record, the patch referenced above was introduced in 2019, it's not recent.) -- Romain Francoise https://people.debian.org/~rfrancoise/
Bug#1055257: tcpdump fails to change ownership of savefile if built with libcap-ng
Package: tcpdump Version: 4.99.3-1 If the binary is built with lipcap-ng, tcpdump fails with "Couldn't change ownership of savefile". If HAVE_LIBCAP_NG is defined, chown is called after CAP_CHOWN capability is dropped. I believe this is caused by the recent patch introduced as part of https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=935112 : https://salsa.debian.org/rfrancoise/tcpdump/-/blob/master/debian/patches/drop-privs-after-opening-savefile.diff dget http://deb.debian.org/debian/pool/main/t/tcpdump/tcpdump_4.99.3-1.dsc sudo apt install libcap-ng-dev cd tcpdump-4.99.3 debian/rules build Test: sudo strace -e "capset,capget,chown" /home/ubuntu/c/tcpdump-4.99.3/tcpdump -w /tmp/test.pcap capget({version=0 /* _LINUX_CAPABILITY_VERSION_??? */, pid=0}, NULL) = 0 capget({version=_LINUX_CAPABILITY_VERSION_3, pid=18467}, {effective=1<