Bromania Wiki

Scribblings of a Brit in Romania

User Tools

Site Tools


tech:unix:macos:libpcap

Using libpcap without sudo

Environment

Required Homebrew Formula

  • libpcap

Overview

In macOS, the default permissions of the /dev/bpf* devices allow read/write for root, and read-only access to the admin group. This means that applications that use libpcap for ethernet access, such as DOSBox-X and Wireshark, must be run with sudo.

While you can change the permission of the /dev/bpf* devices yourself to allow the admin group write access, this permission will be reset after a reboot.

The below instructions explain how to make this change permanent through the use of a LaunchDaemon which invokes a shell script to set the permissions on boot.

Formula Installation

$ brew install libpcap

Download Startup Files

Download chmod_bpf and org.tcpdump.chmod_bpf.plist (this guide will assume you have saved them in your Downloads folder).

Install Startup Files

chmod_bpf

chmod_bpf is a simple script that changes the permissions of the /dev/bpf* devices to allow the admin group to write to them. You can edit this file before copying if you want to give these permissions to a different group.

$ sudo cp ~/Downloads/chmod_bpf /usr/local/bin
$ sudo chown root:admin /usr/local/bin/chmod_bpf
$ sudo chmod 755 /usr/local/bin/chmod_bpf

org.tcpdump.chmod_bpf.plist

org.tcpdump.chmod_bpf.plist is the LaunchDaemon which calls chmod_bpf every time macOS boots.

$ sudo cp ~/Downloads/org.tcpdump.chmod_bpf.plist /Library/LaunchDaemons
$ sudo chown root:admin /Library/LaunchDaemons/org.tcpdump.chmod_bpf.plist
$ chmod 644 /Library/LaunchDaemons/org.tcpdump0.chmod_bpf.plist
tech/unix/macos/libpcap.txt · Last modified: 2023/01/05 11:10 by puisor