From a2b7881dbeadbcc94580bf927d46ed88e6898fae Mon Sep 17 00:00:00 2001
From: qouoq <qouoq@fastmail.com>
Date: Thu, 7 Jul 2022 06:35:06 +0800
Subject: [PATCH] Capabilities for reading process names

Adding cap_dac_read_search and cap_sys_ptrace to the setcap command, which allows non-root nethogs to display process names.
See https://stackoverflow.com/questions/41631927/read-proc-pid-fd-fd-without-full-root-access/47982314 and raboof/nethogs#142
---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index 7c9fcfa..ce2fc34 100644
--- a/README.md
+++ b/README.md
@@ -79,9 +79,9 @@ If you want to remove Nethogs from your system, you can:
 
 ### Running without root
 
-In order to be run by a non-root user, nethogs needs the `cap_net_admin` and `cap_net_raw` capabilities. These can be set on the executable by using the `setcap` command, as follows:
+In order to be run by a non-root user, nethogs needs the `cap_net_admin` and `cap_net_raw` capabilities; additionally, to read and display process names, `cap_dac_read_search` and `cap_sys_ptrace` capabilities are required. These can be set on the executable by using the `setcap` command, as follows:
 
-    sudo setcap "cap_net_admin,cap_net_raw+pe" /usr/local/sbin/nethogs
+    sudo setcap "cap_net_admin,cap_net_raw,cap_dac_read_search,cap_sys_ptrace+pe" /usr/local/sbin/nethogs
 
 Coding standards
 ----------------