tcpdump permission denied

[el_fiqs]

when i type this command : "tcpdump -r 12072006.tcpdump.log"

this output appear : "tcpdump: 12072006.tcpdump.log: Permission denied"

i access the 12072006.tcpdump.log file from another hard disk which installed with windows os.

please help..

[splater]

I think you need to have root privileges ...

so: sudo tcpdump ...

++

[el_fiqs]

i'm in root user, but still got the permission denied.
please help

[samemiki]

Do you have a solution for this ? Can you please post the solution ?
I have exactly the same problem, doing "sudo tcpdump -r fileName" gives me "Permission denied" error, the file is in an external harddisk.

Thanks.

[redyaky]

I happened to find a fix here:

http://thecomputergroup.net/how-to-f...ntu-904-server

I'm not sure about the security risks of doing this however.

[noahspurrier]

This is probably caused by AppArmor. You need to switch from 'enforcement' mode to 'complain' mode on 'tcpdump'. Run the following command as root:

Code:

aa-complain /usr/sbin/tcpdump

You can check by running the following command as root:

Code:

grep tcpdump /sys/kernel/security/apparmor/profiles

You should see (enforce) or (complain). You want it to say (complain).

[gsgleason]

show the output of:
ls -l 12072006.tcpdump.log

[jbowen7]

el_fiqs,

Was this problem solved for you? I too am experiencing this problem as root user.

Code:

tcpdump -i eth0 -Xnnvv -w tcpdump.file port 53

produces:

tcpdump: tcpdump.file: Permission denied

I'm in /etc when it fails.

the command works in /root though.

I'm sure noahspurrier is right, it's probably an apparmor issue.

But did you solve it, and what did you do to solve it?

[peely]

noahspurrier is correct, "aa-complain /usr/sbin/tcpdump" definitely fixed the issue for me, thanks.

You still ened root priviledges though, but this command is useful if you need to write pcaps to a folder which is not owned by root e.g. when it needs to be accessible to other users and groups.