JP Abgrall | 511eca3 | 2014-02-12 13:46:45 -0800 | [diff] [blame] | 1 | #! /bin/sh |
| 2 | |
| 3 | # |
| 4 | # Unfortunately, Mac OS X's devfs is based on the old FreeBSD |
| 5 | # one, not the current one, so there's no way to configure it |
| 6 | # to create BPF devices with particular owners or groups. |
| 7 | # This startup item will make it owned by the admin group, |
| 8 | # with permissions rw-rw----, so that anybody in the admin |
| 9 | # group can use programs that capture or send raw packets. |
| 10 | # |
| 11 | # Change this as appropriate for your site, e.g. to make |
| 12 | # it owned by a particular user without changing the permissions, |
| 13 | # so only that user and the super-user can capture or send raw |
| 14 | # packets, or give it the permissions rw-r-----, so that |
| 15 | # only the super-user can send raw packets but anybody in the |
| 16 | # admin group can capture packets. |
| 17 | # |
| 18 | chgrp admin /dev/bpf* |
| 19 | chmod g+rw /dev/bpf* |