Home Explore Help
Sign In
SoftwareDesign
/
csu3_am335x
8
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: master
Branches Tags
csu3_am335x
/
EVSE
/
GPL
/
libpcap-1.9.0
/
doc
/
README.macos

README.macos 3.4 KB
Permalink History Raw

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374 
  1. As with other systems using BPF, macOS allows users with read access to
    2. 

  2. the BPF devices to capture packets with libpcap and allows users with
    3. 

  3. write access to the BPF devices to send packets with libpcap.
    4. 

  4. 

  5. On some systems that use BPF, the BPF devices live on the root file
    6. 

  6. system, and the permissions and/or ownership on those devices can be
    7. 

  7. changed to give users other than root permission to read or write those
    8. 

  8. devices.
    9. 

  9. 

  10. On newer versions of FreeBSD, the BPF devices live on devfs, and devfs
    11. 

  11. can be configured to set the permissions and/or ownership of those
    12. 

  12. devices to give users other than root permission to read or write those
    13. 

  13. devices.
    14. 

  14. 

  15. On macOS, the BPF devices live on devfs, but the macOS version of devfs
    16. 

  16. is based on an older (non-default) FreeBSD devfs, and that version of
    17. 

  17. devfs cannot be configured to set the permissions and/or ownership of
    18. 

  18. those devices.
    19. 

  19. 

  20. Therefore, we supply:
    21. 

  21. 

  22. 	a "startup item" for older versions of macOS;
    23. 

  23. 

  24. 	a launchd daemon for Tiger and later versions of macOS;
    25. 

  25. 

  26. Both of them will change the ownership of the BPF devices so that the
    27. 

  27. "admin" group owns them, and will change the permission of the BPF
    28. 

  28. devices to rw-rw----, so that all users in the "admin" group - i.e., all
    29. 

  29. users with "Allow user to administer this computer" turned on - have
    30. 

  30. both read and write access to them.
    31. 

  31. 

  32. The startup item is in the ChmodBPF directory in the source tree.  A
    33. 

  33. /Library/StartupItems directory should be created if it doesn't already
    34. 

  34. exist, and the ChmodBPF directory should be copied to the
    35. 

  35. /Library/StartupItems directory (copy the entire directory, so that
    36. 

  36. there's a /Library/StartupItems/ChmodBPF directory, containing all the
    37. 

  37. files in the source tree's ChmodBPF directory; don't copy the individual
    38. 

  38. items in that directory to /Library/StartupItems).  The ChmodBPF
    39. 

  39. directory, and all files under it, must be owned by root.  Installing
    40. 

  40. the files won't immediately cause the startup item to be executed; it
    41. 

  41. will be executed on the next reboot.  To change the permissions before
    42. 

  42. the reboot, run
    43. 

  43. 

  44. 	sudo SystemStarter start ChmodBPF
    45. 

  45. 

  46. The launchd daemon is the chmod_bpf script, plus the
    47. 

  47. org.tcpdump.chmod_bpf.plist launchd plist file.  chmod_bpf should be
    48. 

  48. installed in /usr/local/bin/chmod_bpf, and org.tcpdump.chmod_bpf.plist
    49. 

  49. should be installed in /Library/LaunchDaemons.  chmod_bpf, and
    50. 

  50. org.tcpdump.chmod_bpf.plist, must be owned by root.  Installing the
    51. 

  51. script and plist file won't immediately cause the script to be executed;
    52. 

  52. it will be executed on the next reboot.  To change the permissions
    53. 

  53. before the reboot, run
    54. 

  54. 

  55. 	sudo /usr/local/bin/chmod_bpf
    56. 

  56. 

  57. or
    58. 

  58. 

  59. 	sudo launchctl load /Library/LaunchDaemons/org.tcpdump.chmod_bpf.plist
    60. 

  60. 

  61. If you want to give a particular user permission to access the BPF
    62. 

  62. devices, rather than giving all administrative users permission to
    63. 

  63. access them, you can have the ChmodBPF/ChmodBPF script change the
    64. 

  64. ownership of /dev/bpf* without changing the permissions.  If you want to
    65. 

  65. give a particular user permission to read and write the BPF devices and
    66. 

  66. give the administrative users permission to read but not write the BPF
    67. 

  67. devices, you can have the script change the owner to that user, the
    68. 

  68. group to "admin", and the permissions to rw-r-----.  Other possibilities
    69. 

  69. are left as an exercise for the reader.
    70. 

  70. 

  71. (NOTE: due to a bug in Snow Leopard, if you change the permissions not
    72. 

  72. to grant write permission to everybody who should be allowed to capture
    73. 

  73. traffic, non-root users who cannot open the BPF devices for writing will
    74. 

  74. not be able to capture outgoing packets.)
    75.