From: Alexander Gozman <a.gozman@securitycode.ru>
Date: Thu, 19 Jan 2017 10:31:38 +0000 (+0300)
Subject: Bug #2009: added CAP_NET_ADMIN for PCAP and af-packet modes.
X-Git-Tag: suricata-3.2.1~49
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=187a6f392c51eb8e07a1d997fff53adabe30f6d7;p=thirdparty%2Fsuricata.git

Bug #2009: added CAP_NET_ADMIN for PCAP and af-packet modes.

Without this capability suricata is unable to get network
interface's settings.
---

diff --git a/src/util-privs.c b/src/util-privs.c
index 9b2a0058f6..d44cbc7b39 100644
--- a/src/util-privs.c
+++ b/src/util-privs.c
@@ -77,6 +77,7 @@ void SCDropMainThreadCaps(uint32_t userid, uint32_t groupid)
             capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
                     CAP_NET_RAW,            /* needed for pcap live mode */
                     CAP_SYS_NICE,
+                    CAP_NET_ADMIN,
                     -1);
             break;
         case RUNMODE_PFRING: