Table of Contents
Using libpcap without sudo
Environment
- macOS
Required Homebrew Formula
libpcap
Overview
In macOS, the default permissions of the /dev/bpf* devices allow read/write for root, and read-only access to the admin group. This means that applications that use libpcap for ethernet access, such as DOSBox-X and Wireshark, must be run with sudo.
While you can change the permission of the /dev/bpf* devices yourself to allow the admin group write access, this permission will be reset after a reboot.
The below instructions explain how to make this change permanent through the use of a LaunchDaemon which invokes a shell script to set the permissions on boot.
Formula Installation
$ brew install libpcap
Download Startup Files
Download chmod_bpf and org.tcpdump.chmod_bpf.plist (this guide will assume you have saved them in your Downloads folder).
Install Startup Files
chmod_bpf
chmod_bpf is a simple script that changes the permissions of the /dev/bpf* devices to allow the admin group to write to them. You can edit this file before copying if you want to give these permissions to a different group.
$ sudo cp ~/Downloads/chmod_bpf /usr/local/bin $ sudo chown root:admin /usr/local/bin/chmod_bpf $ sudo chmod 755 /usr/local/bin/chmod_bpf
org.tcpdump.chmod_bpf.plist
org.tcpdump.chmod_bpf.plist is the LaunchDaemon which calls chmod_bpf every time macOS boots.
$ sudo cp ~/Downloads/org.tcpdump.chmod_bpf.plist /Library/LaunchDaemons $ sudo chown root:admin /Library/LaunchDaemons/org.tcpdump.chmod_bpf.plist $ chmod 644 /Library/LaunchDaemons/org.tcpdump0.chmod_bpf.plist