|
Packit |
209cc3 |
#! /bin/sh
|
|
Packit |
209cc3 |
|
|
Packit |
209cc3 |
#
|
|
Packit |
209cc3 |
# Unfortunately, macOS's devfs is based on the old FreeBSD
|
|
Packit |
209cc3 |
# one, not the current one, so there's no way to configure it
|
|
Packit |
209cc3 |
# to create BPF devices with particular owners or groups.
|
|
Packit |
209cc3 |
# This startup item will make it owned by the admin group,
|
|
Packit |
209cc3 |
# with permissions rw-rw----, so that anybody in the admin
|
|
Packit |
209cc3 |
# group can use programs that capture or send raw packets.
|
|
Packit |
209cc3 |
#
|
|
Packit |
209cc3 |
# Change this as appropriate for your site, e.g. to make
|
|
Packit |
209cc3 |
# it owned by a particular user without changing the permissions,
|
|
Packit |
209cc3 |
# so only that user and the super-user can capture or send raw
|
|
Packit |
209cc3 |
# packets, or give it the permissions rw-r-----, so that
|
|
Packit |
209cc3 |
# only the super-user can send raw packets but anybody in the
|
|
Packit |
209cc3 |
# admin group can capture packets.
|
|
Packit |
209cc3 |
#
|
|
Packit |
209cc3 |
chgrp admin /dev/bpf*
|
|
Packit |
209cc3 |
chmod g+rw /dev/bpf*
|