* src/main.cpp: Made cap test conditional on __linux__. Improved the error message.
* src/nethogs.cpp: Reduced the scope of the includes moving them out of this file. * src/nethogs.h: Removed NEEDROOT variable.
This commit is contained in:
rain1
23
src/main.cpp
23
src/main.cpp
@@ -2,6 +2,14 @@
|
||||
#include <fcntl.h>
|
||||
#include <vector>
|
||||
|
||||
#ifdef __linux__
|
||||
#include <linux/limits.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/xattr.h>
|
||||
#include <linux/capability.h>
|
||||
#endif
|
||||
|
||||
// The self_pipe is used to interrupt the select() in the main loop
|
||||
static std::pair<int, int> self_pipe = std::make_pair(-1, -1);
|
||||
static time_t last_refresh_time = 0;
|
||||
@@ -173,21 +181,20 @@ int main(int argc, char **argv) {
|
||||
init_ui();
|
||||
}
|
||||
|
||||
#if NEEDROOT == 1
|
||||
if (geteuid() != 0)
|
||||
forceExit(false, "You need to be root to run NetHogs!");
|
||||
#else
|
||||
if (geteuid() != 0) {
|
||||
#ifdef __linux__
|
||||
char exe_path[PATH_MAX];
|
||||
unsigned int caps[5] = {0};
|
||||
|
||||
readlink("/proc/self/exe", exe_path, PATH_MAX);
|
||||
getxattr(exe_path, "security.capability", (char *)caps, sizeof(caps));
|
||||
|
||||
if (((caps[1] >> CAP_NET_ADMIN) & 1) != 1)
|
||||
forceExit(false, "You need to enable cap_net_admin (and cap_net_raw) to run NetHogs!");
|
||||
if (((caps[1] >> CAP_NET_RAW) & 1) != 1)
|
||||
forceExit(false, "You need to enable cap_net_raw to run NetHogs!");
|
||||
if ((((caps[1] >> CAP_NET_ADMIN) & 1) != 1) || (((caps[1] >> CAP_NET_RAW) & 1) != 1))
|
||||
forceExit(false, "To run nethogs without being root you need to enable capabilities on the program (cap_net_admin, cap_net_raw), see the documentation for details.");
|
||||
#else
|
||||
forceExit(false, "You need to be root to run NetHogs!");
|
||||
#endif
|
||||
}
|
||||
|
||||
// use the Self-Pipe trick to interrupt the select() in the main loop
|
||||
self_pipe = create_self_pipe();
|
||||
|
||||
@@ -38,14 +38,6 @@
|
||||
#include <netinet/tcp.h>
|
||||
#include <netinet/udp.h>
|
||||
|
||||
#if NEEDROOT == 0
|
||||
#include <linux/limits.h>
|
||||
#include <unistd.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/xattr.h>
|
||||
#include <linux/capability.h>
|
||||
#endif
|
||||
|
||||
#include "cui.h"
|
||||
|
||||
extern "C" {
|
||||
|
||||
@@ -49,13 +49,6 @@
|
||||
* after which a connection is removed */
|
||||
#define CONNTIMEOUT 50
|
||||
|
||||
/* Set to '0' when compiling for a system that uses Linux Capabilities,
|
||||
* like www.adamantix.org: in that case nethogs shouldn't check if it's
|
||||
* running as root. Take care to give it sufficient privileges though. */
|
||||
#ifndef NEEDROOT
|
||||
#define NEEDROOT 1
|
||||
#endif
|
||||
|
||||
#define DEBUG 0
|
||||
|
||||
#define REVERSEHACK 0
|
||||
|
||||
Reference in New Issue
Block a user