Bug #4647
Updated by Davide Pesavento almost 6 years ago
In NFD 0.6.2 PPA package, `nfd.conf` drops root privilege and `seteuid` to "ndn" user, and the installation script executes `setcap` on the NFD binary. As reported in #4565-3, this is ineffective because `seteuid` automatically clears all capabilities unless the `SECBIT_KEEP_CAPS` flag is set on the process, and Ethernet face creation fails with "pcap\_activate: You don't have permission to capture on that device" error. To fix this issue, `PcapHelper` should wrap `pcap_activate` in `PrivilegeHelper::runElevated`.