Hi Daniel, Correct, more specifically the pcap_open_live() requires that - even if setting the promisc mode to off. It's good point to drop privileges then. No official code isavailable and look forward to see if anybody has done any work in this sense and/or is willing to contribute. Until i hear a scream back at this propo, i put this idea on my todo list.
Cheers, Paolo On Fri, Aug 05, 2011 at 03:19:15PM +0200, Daniel Aschwanden wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Hi all, > > Just a few days after the disscussion about running sfacctd as non-root > user, I've to put the same question for pmacctd. > > As far as I see, pmacctd requires superuser permissions to run. I guess > this is mostly related to the promiscuous mode. > > Has anyone else encountered the point where he need to run pmacctd as > non-root user? (I'm talking about dropping permissions after the start > of pmacctd with root permissions, since running the daemon with root > permissions is not really nice..) > > Has anyone already done some code modifications for that or is there > another solution for this problem? > > Thanks for any kind of advice. > > Cheers, > Dani > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iF4EAREIAAYFAk477dMACgkQxIzmH53Qg6HOhQD/e0rcLcL4NAC+xpa9BpHzbQEz > 5mpJAFRrRgK9P+FezmkA/3P2ZrFsmpD5DwGcUefjnVQpX/tsAxA2pJAOITwroFxU > =bsNt > -----END PGP SIGNATURE----- > > _______________________________________________ > pmacct-discussion mailing list > http://www.pmacct.net/#mailinglists _______________________________________________ pmacct-discussion mailing list http://www.pmacct.net/#mailinglists
