[tor-bugs] #7589 [Ooni]: Test deploying ooni as a non-root user
Tor Bug Tracker & Wiki
blackhole at torproject.org
Thu Nov 29 15:22:28 UTC 2012
#7589: Test deploying ooni as a non-root user
-------------------------+--------------------------------------------------
Reporter: aagbsn | Owner: hellais
Type: enhancement | Status: new
Priority: normal | Milestone:
Component: Ooni | Version:
Keywords: | Parent:
Points: | Actualpoints:
-------------------------+--------------------------------------------------
Test ooni deployment without root.
You'll need a system that supports capability bits CAP_NET_RAW and
CAP_NET_ADMIN.
These instructions are for using tcpdump as non root. We may need to set
the capabilities on the actual python interpreter. If you're using a
virtualenv, there should be a python binary inside $YOURVIRTUALENV/bin/
Instructions for tcpdump. Modify as necessary.
{{{
sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/tcpdump
groupadd pcap
usermod -a -G pcap ooni
chgrp pcap /usr/sbin/tcpdump
}}}
Also, verify that these settings persist through a reboot.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/7589>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list