Wireshark-users: Re: [Wireshark-users] tcpdump -z bzip2/gzip permission denied

From: Zaki Akhmad <zakiakhmad@xxxxxxxxx>
Date: Mon, 27 Feb 2012 17:33:51 +0700
On Fri, Feb 24, 2012 at 2:23 PM, Zaki Akhmad <zakiakhmad@xxxxxxxxx> wrote:

> compress_savefile:execlp(bzip2,
> /home/za/tools/tcpdump/rr/packet_20120224.1420.pcap): Permission
> denied
> compress_savefile:execlp(bzip2,
> /home/za/tools/tcpdump/rr/packet_20120224.1420.pcap): Permission
> denied
> compress_savefile:execlp(bzip2,
> /home/za/tools/tcpdump/rr/packet_20120224.1420.pcap): Permission
> denied
>
> What's wrong?

The problem is solved now :-)

I guess this problem is specific to Ubuntu because of the AppArmor
configuration. Previously, I ran the -z option on Debian and it worked
without having to change its configuration.

See the tcpdump AppArmor configuration:
# grep tcpdump /sys/kernel/security/apparmor/profiles
/usr/sbin/tcpdump (enforce)

Change it to complain mode:
# aa-complain /usr/sbin/tcpdump
Setting /usr/sbin/tcpdump to complain mode.

Reference:
http://ubuntuforums.org/showthread.php?t=1501339

-- 
Zaki Akhmad
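
An added example, not part of the original message: these shell functions report a profile's mode from the AppArmor profiles list and extract which executables that profile was denied from running, which confirms AppArmor as the source of the `execlp` "Permission denied" before the profile's mode is changed. The profile list and kernel log lines are constructed samples, and the function names are hypothetical.

```shell
#!/bin/sh
# Constructed sample data for illustration (not taken from the original post).
SAMPLE_PROFILES='/usr/sbin/tcpdump (enforce)
/usr/sbin/cupsd (complain)'
SAMPLE_LOG='kernel: [ 101.1] type=1400 audit(1330068001.101:21): apparmor="DENIED" operation="exec" parent=2301 profile="/usr/sbin/tcpdump" name="/bin/bzip2" pid=2302 comm="tcpdump" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
kernel: [ 161.4] type=1400 audit(1330068061.404:22): apparmor="DENIED" operation="exec" parent=2301 profile="/usr/sbin/tcpdump" name="/bin/bzip2" pid=2310 comm="tcpdump" requested_mask="x" denied_mask="x" fsuid=0 ouid=0
kernel: [ 170.9] type=1400 audit(1330068070.900:23): apparmor="DENIED" operation="open" parent=2301 profile="/usr/sbin/tcpdump" name="/etc/shadow" pid=2311 comm="tcpdump" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
kernel: [ 180.2] type=1400 audit(1330068080.200:24): apparmor="ALLOWED" operation="exec" parent=900 profile="/usr/sbin/cupsd" name="/bin/dash" pid=905 comm="cupsd" requested_mask="x" denied_mask="x" fsuid=0 ouid=0'

# profile_mode PROFILE
# Reads the format of /sys/kernel/security/apparmor/profiles on stdin and
# prints the mode (enforce or complain) of PROFILE. Fails if it is not loaded.
profile_mode() {
    awk -v p="$1" '
        $1 == p { gsub(/[()]/, "", $2); print $2; found = 1 }
        END     { exit !found }'
}

# denied_execs PROFILE
# Reads kernel/audit log lines on stdin and prints, once each, the paths that
# PROFILE was denied from executing (apparmor="DENIED" with operation="exec").
denied_execs() {
    awk -v p="$1" '
        /apparmor="DENIED"/ && /operation="exec"/ && index($0, "profile=\"" p "\"") {
            if (match($0, / name="[^"]*"/)) {
                # Skip the 7 characters of the leading space and name=" plus the closing quote.
                n = substr($0, RSTART + 7, RLENGTH - 8)
                if (!(n in seen)) { seen[n] = 1; print n }
            }
        }'
}

# Demonstration on the constructed samples.
printf 'mode: %s\n' "$(printf '%s\n' "$SAMPLE_PROFILES" | profile_mode /usr/sbin/tcpdump)"
printf '%s\n' "$SAMPLE_LOG" | denied_execs /usr/sbin/tcpdump | sed 's/^/denied exec: /'
```

On a live system, feed the functions `/sys/kernel/security/apparmor/profiles` and the kernel log (for example `dmesg` output) in place of the samples.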