From cf32ec5d9e659f5dff78c9e333977f5cf367d59f Mon Sep 17 00:00:00 2001
From: luigi <luigi@FreeBSD.org>
Date: Tue, 26 May 2015 21:12:02 +0000
Subject: MFC: 272451, 272653 add CAP_EVENT so that we can poll() on netmap and
 pcap file descriptors

---
 contrib/tcpdump/tcpdump.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'contrib/tcpdump')

diff --git a/contrib/tcpdump/tcpdump.c b/contrib/tcpdump/tcpdump.c
index 511e1af..9c5e960 100644
--- a/contrib/tcpdump/tcpdump.c
+++ b/contrib/tcpdump/tcpdump.c
@@ -1486,7 +1486,12 @@ main(int argc, char **argv)
 	if (RFileName == NULL && VFileName == NULL) {
 		static const unsigned long cmds[] = { BIOCGSTATS };
 
-		cap_rights_init(&rights, CAP_IOCTL, CAP_READ);
+		/*
+		 * The various libpcap devices use a combination of
+		 * read (bpf), ioctl (bpf, netmap), poll (netmap).
+		 * Grant the relevant access rights, sorted by name.
+		 */
+		cap_rights_init(&rights, CAP_EVENT, CAP_IOCTL, CAP_READ);
 		if (cap_rights_limit(pcap_fileno(pd), &rights) < 0 &&
 		    errno != ENOSYS) {
 			error("unable to limit pcap descriptor");
-- 
cgit v1.1