Has anyone been able to successfully configure tcpdump to be run by a non-privilaged account.
I've successfully install tcpdump and can run it as sudo. However i'm not able to run it as a local user "mon".
I've created a local group called pcap and added my "mon" account to it...
sudo groupadd pcap
sudo usermod -a -G pcap mon
I've added the group to pcap and allowed members of the group to run it
sudo chgrp pcap /usr/sbin/tcpdump
sudo chmod 750 /usr/sbin/tcpdump
However when i try and run tcpdump as mon locally on the switch i get the following error.
tcpdump -i pppoe-wan -U -s0
tcpdump: pppoe-wan: You don't have permission to capture on that device
(socket: Operation not permitted)
The above command does work if i sudo it.
How can i give my "mon" user access to capture on the pppoe-wan interface without sudo?
Thanks
Simon