No policy for tcpdump -j option (time stamp type)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Invalid
|
Undecided
|
Unassigned | ||
tcpdump (Ubuntu) |
Fix Released
|
Undecided
|
Jamie Strandboge |
Bug Description
The tcpdump -J option to list the supported time stamp types is allowed:
# tcpdump -i eth0 -J
Time stamp types for eth0 (use option -j to set):
host (Host)
adapter (Adapter)
adapter_unsynced (Adapter, not synced with system time)
However, the -j option for other than the default, host, is not allowed:
# tcpdump -i eth0 -j adapter
tcpdump: eth0: You don't have permission to capture on that device
(You don't have permission to capture on that device)
The attached patch adds capability net_admin to allow -j:
# tcpdump -i eth0 -j adapter
tcpdump: WARNING: eth0: That type of time stamp is not supported by that device
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
tags: | added: patch |
Changed in tcpdump (Ubuntu): | |
status: | Confirmed → In Progress |
assignee: | nobody → Jamie Strandboge (jdstrand) |
Hi Graeme,
Sorry for the delay in handling this bug. AppArmor upstream does not provide the tcpdump profile; this actually provided by the tcpdump package in Ubuntu. Moving the bug there.
Thanks!