zoukankan      html  css  js  c++  java
  • 当 tcpdump -w 遇到 Permission denied

    为了定位问题,需要在Linux上使用tcpdump并且保存到文件,遇到了如下问题:

    tcpdump port 9001 -w xx
    tcpdump: xx: Permission denied

    因为已经是root用户,所以判断不是文件系统权限的问题。

    在网上查了一下,找到解决方法:将tcpdump的模式从enforce改为complain模式。

    修改过程如下:

    先查看处在那个模式:

    grep tcpdump /sys/kernel/security/apparmor/profiles
    /usr/sbin/tcpdump (enforce)

    果然不是complain模式。

    修改为complain模式:

    aa-complain /usr/sbin/tcpdump
    The program 'aa-complain' is currently not installed.  You can install it by typing:
    apt-get install apparmor-utils

    出现错误,按照提示安装apparmor-utils,过程略,然后再次执行:

    aa-complain /usr/sbin/tcpdump
    Setting /usr/sbin/tcpdump to complain mode.

    查看:

    grep tcpdump /sys/kernel/security/apparmor/profiles
    /usr/sbin/tcpdump (complain)

    完成

    参考:

    tcpdump permission denied:https://ubuntuforums.org/showthread.php?t=1501339

    页面内容比较多,关键信息如下:

    This is probably caused by AppArmor. You need to switch from 'enforcement' mode to 'complain' mode on 'tcpdump'. Run the following command as root:

    Code:

    aa-complain /usr/sbin/tcpdump

    You can check by running the following command as root:

    Code:

    grep tcpdump /sys/kernel/security/apparmor/profiles

    You should see (enforce) or (complain). You want it to say (complain).

    AppArmor介绍:http://www.tuicool.com/articles/aeiIzq

    Linux版本:Linux 10-6-13-14 3.2.0-85-generic #122-Ubuntu SMP Tue May 26 16:14:57 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

  • 相关阅读:
    TCP/IP详解卷:协议 第八章简要总结
    渗透测试1
    以前的实验博客地址,以前使用csdn
    day03---Node (05)
    day03---Vue(04)
    day03---Vue(03)
    day03---ES6入门(02)
    day03---前端开发和前端开发工具(01)
    Docker实战总结
    ETL之Kettle入门
  • 原文地址:https://www.cnblogs.com/liuwei-a/p/tcpdump-w-permission-denied.html
Copyright © 2011-2022 走看看