FOSS/nethogs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request #234 from qouoq/main

Browse Source 
Additional useful capabilities
This commit is contained in:
Arnout Engelen
2022-07-11 09:11:58 +02:00
committed by GitHub
parent 90fb48d109 a9258d10f4
commit 93604685f4
2 changed files with 15 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
doc/nethogs.8
View File

@@ -108,13 +108,18 @@ needs the
.I cap_net_admin .I cap_net_admin
and and
.I cap_net_raw .I cap_net_raw
capabilities. These can be set on the executable by using the capabilities. Additionally, to display process names,
.I cap_dac_read_search
and
.I cap_sys_ptrace
capabilities are required.
These can be set on the executable by using the
.BR setcap (8) .BR setcap (8)
command, as follows: command, as follows:
.PP .PP
.in +4n .in +4n
.EX .EX
sudo setcap "cap_net_admin,cap_net_raw+pe" /usr/local/sbin/nethogs sudo setcap "cap_net_admin,cap_net_raw,cap_dac_read_search,cap_sys_ptrace+pe" /usr/local/sbin/nethogs
.EE .EE
.in .in
.SH "Notes" .SH "Notes"

14
src/main.cpp
View File

@@ -215,15 +215,12 @@ int main(int argc, char **argv) {
forceExit(false, "No devices to monitor. Use '-a' to allow monitoring " forceExit(false, "No devices to monitor. Use '-a' to allow monitoring "
"loopback interfaces or devices that are not up/running"); "loopback interfaces or devices that are not up/running");
if ((!tracemode) && (!DEBUG)) {
init_ui();
}
#ifndef __linux__ #ifndef __linux__
if (geteuid() != 0) if (geteuid() != 0)
forceExit(false, "You need to be root to run NetHogs!"); forceExit(false, "You need to be root to run NetHogs!");
#endif #endif
// on Linux, we can run as non-root given the cap_net_admin and cap_net_raw capabilities // on Linux, we can run as non-root given the cap_net_admin, cap_net_raw,
// cap_dac_read_search and cap_sys_ptrace capabilities
// use the Self-Pipe trick to interrupt the select() in the main loop // use the Self-Pipe trick to interrupt the select() in the main loop
self_pipe = create_self_pipe(); self_pipe = create_self_pipe();
@@ -291,7 +288,8 @@ int main(int argc, char **argv) {
if (nb_devices == nb_failed_devices) { if (nb_devices == nb_failed_devices) {
if (geteuid() != 0) if (geteuid() != 0)
fprintf(stderr, "To run nethogs without being root, you need to enable " fprintf(stderr, "To run nethogs without being root, you need to enable "
"capabilities on the program (cap_net_admin, cap_new_raw). " "capabilities on the program (cap_net_admin, cap_net_raw, "
"cap_dac_read_search, cap_sys_ptrace). "
"See the documentation for details.\n"); "See the documentation for details.\n");
forceExit(false, "Error opening pcap handlers for all devices.\n"); forceExit(false, "Error opening pcap handlers for all devices.\n");
} }
@@ -300,6 +298,10 @@ int main(int argc, char **argv) {
struct dpargs *userdata = (dpargs *)malloc(sizeof(struct dpargs)); struct dpargs *userdata = (dpargs *)malloc(sizeof(struct dpargs));
if ((!tracemode) && (!DEBUG)) {
init_ui();
}
// Main loop: // Main loop:
int refresh_count = 0; int refresh_count = 0;
while (1) { while (1) {