[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #7589 [Ooni]: Test deploying ooni as a non-root user
#7589: Test deploying ooni as a non-root user
-------------------------+--------------------------------------------------
Reporter: aagbsn | Owner: hellais
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Ooni | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Test ooni deployment without root.
You'll need a system that supports capability bits CAP_NET_RAW and
CAP_NET_ADMIN.
These instructions are for using tcpdump as non root. We may need to set
the capabilities on the actual python interpreter. If you're using a
virtualenv, there should be a python binary inside $YOURVIRTUALENV/bin/
Instructions for tcpdump. Modify as necessary.
{{{
sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/tcpdump
groupadd pcap
usermod -a -G pcap ooni
chgrp pcap /usr/sbin/tcpdump
}}}
Also, verify that these settings persist through a reboot.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7589>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs