Module: Ethernet::Provisioning

Defined in:
lib/ethernet/provisioning.rb

Overview

Setup issues such as assigning permissions for Ethernet-level transmission.

Class Method Summary collapse

Class Method Details

.usermode_socketsObject

Allow non-root users to create low-level Ethernet sockets.

This is a security risk, because Ethernet sockets can be used to spy on all traffic on the machine’s network. This should not be called on production machines.

Returns true for success, false otherwise. If the call fails, it is most likely because it is not run by root / Administrator.



17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
 
# File 'lib/ethernet/provisioning.rb', line 17

def self.usermode_sockets
  case RUBY_PLATFORM
  when /darwin/
    return false unless Kernel.system("chmod o+r /dev/bpf*")
  when /linux/
    ruby = File.join Config::CONFIG['bindir'],
                     Config::CONFIG['ruby_install_name']
    unless Kernel.system("setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' #{ruby}")
      return false
    end
    
    # Try to enable Wireshark packet capture for debugging.
    # No big deal if this fails.
    dumpcap = '/usr/bin/dumpcap'
    if File.exist? dumpcap
      Kernel.system("setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' #{dumpcap}")
    end
  when /win/
    # NOTE: this might not work
    return false unless Kernel.system("sc config npf start= auto")
  else
    raise "Unsupported platform #{RUBY_PLATFORM}"
  end
  true
end