diff options
Diffstat (limited to 'contrib/libpcap/README.macosx')
-rw-r--r-- | contrib/libpcap/README.macosx | 74 |
1 files changed, 0 insertions, 74 deletions
diff --git a/contrib/libpcap/README.macosx b/contrib/libpcap/README.macosx deleted file mode 100644 index 3dc9211..0000000 --- a/contrib/libpcap/README.macosx +++ /dev/null @@ -1,74 +0,0 @@ -As with other systems using BPF, Mac OS X allows users with read access -to the BPF devices to capture packets with libpcap and allows users with -write access to the BPF devices to send packets with libpcap. - -On some systems that use BPF, the BPF devices live on the root file -system, and the permissions and/or ownership on those devices can be -changed to give users other than root permission to read or write those -devices. - -On newer versions of FreeBSD, the BPF devices live on devfs, and devfs -can be configured to set the permissions and/or ownership of those -devices to give users other than root permission to read or write those -devices. - -On Mac OS X, the BPF devices live on devfs, but the OS X version of -devfs is based on an older (non-default) FreeBSD devfs, and that version -of devfs cannot be configured to set the permissions and/or ownership of -those devices. - -Therefore, we supply: - - a "startup item" for older versions of Mac OS X; - - a launchd daemon for Tiger and later versions of Mac OS X; - -Both of them will change the ownership of the BPF devices so that the -"admin" group owns them, and will change the permission of the BPF -devices to rw-rw----, so that all users in the "admin" group - i.e., all -users with "Allow user to administer this computer" turned on - have -both read and write access to them. - -The startup item is in the ChmodBPF directory in the source tree. A -/Library/StartupItems directory should be created if it doesn't already -exist, and the ChmodBPF directory should be copied to the -/Library/StartupItems directory (copy the entire directory, so that -there's a /Library/StartupItems/ChmodBPF directory, containing all the -files in the source tree's ChmodBPF directory; don't copy the individual -items in that directory to /Library/StartupItems). The ChmodBPF -directory, and all files under it, must be owned by root. Installing -the files won't immediately cause the startup item to be executed; it -will be executed on the next reboot. To change the permissions before -the reboot, run - - sudo SystemStarter start ChmodBPF - -The launchd daemon is the chmod_bpf script, plus the -org.tcpdump.chmod_bpf.plist launchd plist file. chmod_bpf should be -installed in /usr/local/bin/chmod_bpf, and org.tcpdump.chmod_bpf.plist -should be installed in /Library/LaunchDaemons. chmod_bpf, and -org.tcpdump.chmod_bpf.plist, must be owned by root. Installing the -script and plist file won't immediately cause the script to be executed; -it will be executed on the next reboot. To change the permissions -before the reboot, run - - sudo /usr/local/bin/chmod_bpf - -or - - sudo launchctl load /Library/LaunchDaemons/org.tcpdump.chmod_bpf.plist - -If you want to give a particular user permission to access the BPF -devices, rather than giving all administrative users permission to -access them, you can have the ChmodBPF/ChmodBPF script change the -ownership of /dev/bpf* without changing the permissions. If you want to -give a particular user permission to read and write the BPF devices and -give the administrative users permission to read but not write the BPF -devices, you can have the script change the owner to that user, the -group to "admin", and the permissions to rw-r-----. Other possibilities -are left as an exercise for the reader. - -(NOTE: due to a bug in Snow Leopard, if you change the permissions not -to grant write permission to everybody who should be allowed to capture -traffic, non-root users who cannot open the BPF devices for writing will -not be able to capture outgoing packets.) |