Prev: compiling C program containing Xutil functions
Next: Can't static link with Xlib
From: Andrew Poelstra on 8 Feb 2010 21:56
Right now I'm working on a Bacnet device simulator for
Linux. Bacnet uses 802.2 frames to communicate (as well
as other protocols, but 802.2 is the most straightforward
to configure). On Windows I know it is possible to send
ethernet frames - even on Win7 - without administrator
rights.

Right now my socket call is:
_sd = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_802_2));

This requires root access to work.

Is there anyway to send 802.2 frames as non-root, or to
configure my personal account to act as root just for this
purpose?

I am the sysadmin on this computer but I don't like being
root only to run my code, especially when it is still so
immature and buggy.


Andrew

From: Ersek, Laszlo on 9 Feb 2010 03:04
In article <slrnhn1jj8.tgs.apoelstra(a)localhost.localdomain>, Andrew Poelstra <apoelstra(a)localhost.localdomain> writes:
> Right now I'm working on a Bacnet device simulator for
> Linux. Bacnet uses 802.2 frames to communicate (as well

> _sd = socket(PF_PACKET, SOCK_DGRAM, htons(ETH_P_802_2));
>
> This requires root access to work.
>
> Is there anyway to send 802.2 frames as non-root, or to
> configure my personal account to act as root just for this
> purpose?

$ man socket

----v----
PF_PACKET Low level packet interface packet(7)
----^----

$ man 7 packet

----v----
Only processes with effective UID 0 or the CAP_NET_RAW capability
may open packet sockets.
----^----

http://packages.debian.org/lenny/libcap-bin
http://packages.debian.org/source/lenny/libcap

I suppose "sucap" is what you need (or "sudo execap").

Cheers,
lacos
From: Mark Hobley on 9 Feb 2010 03:08
Andrew Poelstra <apoelstra(a)localhost.localdomain> wrote:
> Is there anyway to send 802.2 frames as non-root, or to
> configure my personal account to act as root just for this
> purpose?

Yes. You can can make your executable file suid root, and add your user
account to a group that is permitted to run it (obviously giving executable
permissions only to members of that group).

Mark.

--
Mark Hobley
Linux User: #370818 http://markhobley.yi.org/

From: Andrew Poelstra on 9 Feb 2010 20:20
On 2010-02-09, Mark Hobley <markhobley(a)hotpop.donottypethisbit.com> wrote:
> Andrew Poelstra <apoelstra(a)localhost.localdomain> wrote:
>> Is there anyway to send 802.2 frames as non-root, or to
>> configure my personal account to act as root just for this
>> purpose?
>
> Yes. You can can make your executable file suid root, and add your user
> account to a group that is permitted to run it (obviously giving executable
> permissions only to members of that group).
>
> Mark.
>

Thanks, Mark! This worked for me.

 | 
Pages: 1
Prev: compiling C program containing Xutil functions
Next: Can't static link with Xlib