From: Alexander Gozman <a.gozman@securitycode.ru>
Date: Fri, 26 Jun 2015 08:38:59 +0000 (+0300)
Subject: Issue 1491: fix capabilities for pf_ring mode when running under non-root account
X-Git-Tag: suricata-3.0RC1~284
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=cd9cc2559e33590033debdc09b45c83f433052ce;p=thirdparty%2Fsuricata.git

Issue 1491: fix capabilities for pf_ring mode when running under non-root account
---

diff --git a/src/util-privs.c b/src/util-privs.c
index 2048d12ac6..635247c3e5 100644
--- a/src/util-privs.c
+++ b/src/util-privs.c
@@ -80,7 +80,7 @@ void SCDropMainThreadCaps(uint32_t userid, uint32_t groupid)
             break;
         case RUNMODE_PFRING:
             capng_updatev(CAPNG_ADD, CAPNG_EFFECTIVE|CAPNG_PERMITTED,
-                    CAP_NET_ADMIN,
+                    CAP_NET_ADMIN, CAP_NET_RAW,
                     -1);
             break;
         case RUNMODE_NFQ: