[Bug 210031] tcpdump -G flag unable to roll over pcap files

[bugzilla-noreply at freebsd.org]

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=210031

            Bug ID: 210031
           Summary: tcpdump -G flag unable to roll over pcap files
           Product: Base System
           Version: 11.0-CURRENT
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: bin
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: mshirk at daemon-security.com

Tested on the FreeBSD 11 Current:

FreeBSD  11.0-ALPHA2 FreeBSD 11.0-ALPHA2 #0 r301230: Fri Jun  3 03:01:37 UTC
2016     root at releng2.nyi.freebsd.org:/usr/obj/usr/src/sys/GENERIC  amd64

Ideally, tcpdump can be used to log network traffic to disk and roll the pcap
files based on a time setting, such as 60 seconds with -G 60.

On 11-Current, it appears that there is an issue with capabilities in using
this feature. After 60 seconds with -G 60, tcpdump will write the file, but it
will be unable to open up and write to a new file.

Here is the output from the cli (11-ALPHA Live CD under bhyve )

root@:~ # tcpdump -i vtnet0 -nns 0 -G 3 -w /tmp/test.pcap
tcpdump: listening on vtnet0, link-type EN10MB (Ethernet), capture size 262144
bytes
tcpdump: /tmp/test.pcap: Not permitted in capability mode
root@:~ # ls -ltra /tmp
total 36
drwxr-xr-x  17 root  wheel     4096 Jun  3 03:16 ..
drwxrwxr-x   2 root  operator   512 Jun  4 14:35 .snap
drwxrwxrwt   2 root  wheel      512 Jun  4 14:35 .X11-unix
drwxrwxrwt   2 root  wheel      512 Jun  4 14:35 .XIM-unix
drwxrwxrwt   2 root  wheel      512 Jun  4 14:35 .ICE-unix
drwxrwxrwt   2 root  wheel      512 Jun  4 14:35 .font-unix
drwxrwxrwt   8 root  wheel      512 Jun  4 14:38 .
drwxr-xr-x   2 root  wheel      512 Jun  4 14:38 bsdinstall_etc
-rw-r--r--   1 root  wheel       24 Jun  4 14:41 test.pcap
root@:~ #

-- 
You are receiving this mail because:
You are the assignee for the bug.