Run without sudo on OSX

[jnovack]

Not much of an issue, but more of a documentation change. It is POSSIBLE to run without using sudo.

On OSX, all applications using libpcap use the BPF (Berkeley Packet Filter) devices (/dev/bpf*). Normally, only root has rw- access to them. With a simple change, we can permit any user on the system to use them.

# sudo chmod +r /dev/bpf*

This is probably not the smartest idea on a multiuser system. You may wish to create a group (read_bpf, for example), add yourself to it, and give that group read-permission.

Linux:

# sudo groupadd read_bpf
# sudo gpasswd -a read_bpf username
# sudo chown root.read_bpf /dev/bpf*
# sudo chmod g+r /dev/bpf*

OSX can use dscl to create groups and add users to them.

[1] http://stackoverflow.com/questions/18049306/how-to-monitor-en0-network-interface-on-a-mac-without-having-to-use-sudo

[hortinstein]

thank you for pointing this out. i will look at a good place to put this in the documentation!

[xraken]

You can do this on Linux to run without sudo every time (with some caveats):

sudo setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/nodejs

/usr/bin/nodejs is where my nodejs is installed.
The big caveat is of course you are granting elevated Network privs to all of nodejs.

[KrisHedges]

So... I found that doing this on OSX is only a temporary solution. Upon restart these permissions are reset.

sudo chmod +r /dev/bpf*

Bummer.

[lukaskollmer]

@KrisHedges put it in a cronjob to add the required permissions at launch?

[KrisHedges]

Awesome, I'll check it out.