Question about pcap and groups [solved]

jwrichards82 · 2024-07-31 02:38:09

my googling isn't working or I don't understanding the topic well enough to ask the right questions,. or even see what I might be missing on the wiki.
I am trying to connect 86Box to the internet. I built it from source, and it runs just fine. next I was trying to figure out how to connect to the internet. After reading what I could find, I think my problem is either a permission issue with my user or the program.
I can successfully run /usr/bin/tcpdump with sudo. (the only method I know of to test if pcap is even working)
I can run 86Box with sudo as well and it connects to my router and gets and IP address (if relevant, I am running MS-DOS 6.22 and mTCP suite from Bruttman) and I can browse to a retro site and use the telnet terminal to access BBS's
Of course, constantly running an app through sudo is not the smartest/safest thing I gather. So in hunting around to possibly use chmod to assign it "group access" (I think that is the right step) there is no pcap, tcp or other group. I would prefer not to have to do that, so I am looking at adding my user to a group that allows access to pcap so that I can just run the program, knowing on my end I am already squared away on a user level. again, no recognizable group I can see and from the documentation for libpcap and tcpdump, I don't see anything about permissions or groups. This is a new install as of 29-07-2024
After a day of searching I am kinda burnt out and no idea where to look now, or just have been reading too much. I have exhausted YouTube, most "tutorials" are based on Windows where I already had that working, but I am back on Linux now.
Does anyone have an answer for me or the right direction? I am still getting to understand the idea of groups and permissions on Linux and I am trying real hard not to give everything and everyone carte blanche access to everything on the system, something I guess I have become way too accustomed in doing on Windows.

Last edited by jwrichards82 (2024-08-01 07:53:33)

seth · 2024-07-31 07:25:33

sudo setcap cap_net_raw,cap_net_admin=eip /path/to/86box

You might get away w/ less capabilities but I couldn't immediately find what the 86box pcap backend actually requires.
There also seem to be other network emulation backends you might want to explore.

For tcpdump, you can make it drop privileges w/ eg. "-Z nobody"

jrichards1982 · 2024-08-01 00:14:06

ignore: had to setup second account necessarily.

Last edited by jrichards1982 (2024-08-01 01:24:47)

jrichards1982 · 2024-08-01 01:23:24

seth wrote:

sudo setcap cap_net_raw,cap_net_admin=eip /path/to/86box
You might get away w/ less capabilities but I couldn't immediately find what the 86box pcap backend actually requires.
There also seem to be other network emulation backends you might want to explore.
For tcpdump, you can make it drop privileges w/ eg. "-Z nobody"

That string worked. I am going to read up on what setcap does. I think I saw something similar to it in my searches, but I don't JUST throw random commands I find on pages outside of archlinux.org.
Since 86Box was compiled from source, I am going to have to run that again if I update it? I wouldn't image this is something that is kept track just by filename alone. I am right in assuming there is a "flag" put on the file itself? This should also "stick" if I reboot?

Thank you again for your time!

Last edited by jrichards1982 (2024-08-01 05:59:49)

seth · 2024-08-01 06:04:38

I don't JUST throw random commands I find on pages outside of archlinux.org

ftfy, there's probably dumb suggestions here, too and not every operation applies to every context.

Since 86Box was compiled from source, I am going to have to run that again if I update it?

Yes - you're not using one of the packages in the AUR?

This should also "stick" if I reboot?

I am going to read up on what setcap does

https://man.archlinux.org/man/capabilit … pabilities

And of course you could simply have tested the behavior

jrichards1982 · 2024-08-01 07:32:44

seth wrote:

I don't JUST throw random commands I find on pages outside of archlinux.org
ftfy, there's probably dumb suggestions here, too and not every operation applies to every context.
Yes - you're not using one of the packages in the AUR?
Nope. I built from source for REASONS hehehe. I am increasingly getting interested in emulation and programming as well. I also saw the only distribution on 86Box.net for Linux is an appimage. I am still not too comfy with snaps and flatpacks and what have you's. So... I know it is selfish to expect all the sourcecode out there to have build instructions tailored for Arch, so my thinking is the more I build things from source, I can understand the build chain process more and be able to adapt if the distro of choice ends up going POOF or the maintainers go evil and microsoft-like.
And of course you could simply have tested the behavior

As for testing, yeah, I did and it worked, which I think killed the SSD on that restart I was on and I just spent the last hour on reinstalling Arch and getting everything back to where things were. I have a new unused12TB platter drive I'll use for something like timeshift or something like it to make regular systemwide backups. As I know another SSD is about to jump off the proverbial bridge. I really just need to buy new stuff.

Well, thank you much for the help seth! I'll update this as solved, unless you have suggestions for a backup solution. I know people keep talking about Timeshift. I am sure there are other solutions out there as well. I was thinking of using acronis once a month (at least until I get neough cash to buy a couple new SSDs), I did pay for it once upon a time ago and it still works and I am familiar with it. It is from my Windows days, though so maybe time to find seomthing else.

jrichards1982 · 2024-08-01 07:46:25

[redacted]

Last edited by jrichards1982 (2024-08-01 07:51:53)

jwrichards82 · 2024-08-01 07:53:15

Yeah... I thought I would build from the source as I need to start understanding the build process. It is selfish to expect all sourcecode out there to have build instructions for Arch, and who knows... Arch may disappear one day. Or the maintainers go evil or Microsoft-like in their behavior. Or I just decide one day to stop using Arch. It would be good to know the build chain anyway in case dependencies change or I just want/need to adapt. Also, the appimage was also having the same problem. My thinking was if the source built on my computer was still having fits, the appimage would as well. (yeah, same behavior) And like the other flatpacks and snaps or whatever they are called, I have no idea what is in it. I am trying my best not to rely on them.

And for testing, yeah I think that is what killed the SSD I was on. Rebooted to try anyway and I kept going back into BIOS, not Linux. Would get to the boot loader but immediately reboot. SO I just spent the last good bit of time buying a new SSD and a 12TB drive to have full system backups in case this happens again and reinstalling Linux on an internet connection that has decided to keep dropping packets recently. If not, I get half the speed I pay for. Cox is sending someone out to check the dmarc and patch panel. Last guy who came out here said it needed to be replaced anyway. The feed is shared with three other apartments in this building.

Anyway, thanks again for the help!

Also, ignore jrichards1982, I keep signing into it, the account was created when I didn't realize i already had one.

Arch Linux

#1 2024-07-31 02:38:09

Question about pcap and groups [solved]

#2 2024-07-31 07:25:33

Re: Question about pcap and groups [solved]

#3 2024-08-01 00:14:06

Re: Question about pcap and groups [solved]

#4 2024-08-01 01:23:24

Re: Question about pcap and groups [solved]

#5 2024-08-01 06:04:38

Re: Question about pcap and groups [solved]

#6 2024-08-01 07:32:44

Re: Question about pcap and groups [solved]

#7 2024-08-01 07:46:25

Re: Question about pcap and groups [solved]

#8 2024-08-01 07:53:15

Re: Question about pcap and groups [solved]

Board footer