I dont know why weewx isnt started as root and once up and running drop privledges. Itd solve a number of these issues.
On Thu, 21 Mar 2024, 06:46 vince, <[email protected]> wrote: > I'm fiddling around trying to learn interceptor and how to set it up for > v5 and have it at least listening without errors as user 'pi' as long as > I'm listening on an unprivileged port. > > But 'sniff' mode requires being able to get into promiscuous mode it seems > and then I'm hitting permission issues. I use the 'pip' installation for > weewx but I'd expect the dpkg would have the same issues since weewx now > runs unprivileged. > > I did find some cryptic google hits suggesting that I can give the python > interpreter permission to do so ala "sudo setcap cap_net_raw+eip > /usr/bin/python3.11" which seems to permit weewxd to sniff for packets, > but that seems like a security risk isn't it ? > > Is there a preferred way to get the unprivileged weewxd user the ability > to sniff for packets if you have to run interceptor in that mode ??? > > My pip3 list includes: > > Package Version > ---------- ----------- > libpcap 1.11.0b8 > pypcap 1.3.0 > (others omitted for brevity) > > My Interceptor stanza looks like: > [Interceptor] > # This section is for the network traffic interceptor driver. > > # The driver to use: > driver = user.interceptor > > # Specify the hardware device to capture. Options include: > # acurite-bridge - acurite internet bridge, smarthub, or access > # observer - fine offset WH2600/HP1000/HP1003, ambient WS2902 > # lw30x - oregon scientific LW301/LW302 > # lacrosse-bridge - lacrosse GW1000U/C84612 internet bridge > # ecowitt-client - any hardware that uses the ecowitt protocol > # wu-client - any hardware that uses the weather underground protocol > device_type = ecowitt-client > iface = wlan0 > > # listen > # mode = listen > # port = 8000 > > # or sniff > mode = sniff > pcap_filter = src 192.168.1.201 and dst port 8001 > > -- > You received this message because you are subscribed to the Google Groups > "weewx-user" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/d/msgid/weewx-user/38403d42-3bb5-4003-9786-308c39309ec9n%40googlegroups.com > <https://groups.google.com/d/msgid/weewx-user/38403d42-3bb5-4003-9786-308c39309ec9n%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "weewx-user" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/weewx-user/CAGTinV4Kf7cOdwJfskLti91ArCUf%3DbPixynQN9aV9_t6y5qevA%40mail.gmail.com.
