2

I want to use the following command to allow usage of the libpcap package without to sudo (on a debian system):

sudo setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/nodejs

I'm getting this error:

Failed to set capabilities on file `/usr/bin/nodejs' (Invalid argument)
The value of the capability argument is not permitted for a file. Or the file is not a regular (non-symlink) file

But /usr/bin/nodejs is not a symlink:

-rwxr-xr-x 1 root root 18M Jun  3 03:20 /usr/bin/nodejs

USER@HOST:~$ which nodejs
/usr/bin/nodejs

my drive is mounted like this:

USER@HOST:~$ cat /etc/fstab 
#
# /etc/fstab
#
# <device>      <mountpoint>    <filesystemtype>    <options>   <dump>  <fsckorder>
/dev/mmcblk0p1  /               ext3                defaults    0       1
Bastl
  • 121
  • 2
  • Good to see you're trying to use capabilities, but enabling them on an interpreter is a great way to open up security vulnerabilities. – womble Sep 05 '16 at 04:58
  • This is running in my lan only. For this reason, the security is not so important :). But if you know a better (and working) way let me know – Bastl Sep 05 '16 at 08:28
  • Sure, but my comment is also for the next 10,000 people who find this question and think, "yep, that's a great solution for my Internet-facing box!". – womble Sep 05 '16 at 22:28

1 Answers1

0

Check in order:

  1. Double check if /usr/bin/nodejs is definitely a file.
  2. The the capabilities are permitted for files, maybe you can not change them, even as root. Ensure the following:
    • The partition containing /usr/bin/nodejs is mounted rw.
    • The partition is not mounted using the option nosuid, which will prevent certain actions on the file system (The nosuid mount option specifies that the filesystem cannot contain set userid files).
M. Glatki
  • 1,964
  • 1
  • 17
  • 33
  • 1: it is definitely a file not a symlink. 2: my drive is mounted with default options (which are the following: rw, suid, dev, exec, auto, nouser, and async) – Bastl Sep 05 '16 at 15:37