not possible to run tcpdump manually for flatpak-version #3

Open
freddii opened this issue Jan 12, 2022 · 17 comments

@freddii

freddii commented Jan 12, 2022

```
sudo tcpdump -ni any -s0 --immediate-mode --packet-buffered -w /home/freddii/.var/app/com.github.emmanueltouzery.hotwire/data/hotwire/hotwire-record-2 -B 8192
[sudo] Passwort für freddii:
tcpdump: data link type LINUX_SLL2
tcpdump: /home/freddii/.var/app/com.github.emmanueltouzery.hotwire/data/hotwire/hotwire-record-2: Permission denied
```

freddii changed the title from "not possible to run tcpdump manually" to "not possible to run tcpdump manually for flatpak-version" Jan 12, 2022
@emmanueltouzery
Owner

hmm. i'm a little confused how come the command fails although you run it with sudo :|

@freddii
Author

freddii commented Jan 12, 2022

running the following command works, but then the log is at the wrong location.
```
sudo tcpdump -ni any -s0 --immediate-mode --packet-buffered -w /home/freddii/hotwire-record-2 -B 8192
```

@emmanueltouzery
Owner

it works for me.

```
$ sudo tcpdump -ni any -s0 --immediate-mode --packet-buffered -w /home/emmanuel/.var/app/com.github.emmanueltouzery.hotwire/data/hotwire/hotwire-record-2 -B 8192
[sudo] password for emmanuel: 
tcpdump: data link type LINUX_SLL2
dropped privs to tcpdump
tcpdump: listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes
7282 packets captured
7454 packets received by filter
166 packets dropped by kernel
```

which distribution are you using? what does `ls -lh ~/.var/app/com.github.emmanueltouzery.hotwire/data/` print?

@freddii
Author

freddii commented Jan 12, 2022

OS: Debian GNU/Linux bookworm/sid x86_64

```
$ ls -lh ~/.var/app/com.github.emmanueltouzery.hotwire/data/
insgesamt 4,0K
drwxr-xr-x 2 freddii freddii 4,0K 12. Jan 13:09 hotwire
```

@emmanueltouzery
Owner

emmanueltouzery commented Jan 12, 2022

same as me. so you have the right to write in `~/.var/app/com.github.emmanueltouzery.hotwire/data/`.
Presumably both `touch ~/.var/app/com.github.emmanueltouzery.hotwire/data/hotwire/hotwire-record-2` and `sudo touch ~/.var/app/com.github.emmanueltouzery.hotwire/data/hotwire/hotwire-record-2` should work (do `sudo rm ~/.var/app/com.github.emmanueltouzery.hotwire/data/hotwire/hotwire-record-2` in-between).

Maybe it's related to tcpdump reducing its privileges.. which version of tcpdump do you have?

for me...

```
$ tcpdump --version
tcpdump version 4.99.1
libpcap version 1.10.1 (with TPACKET_V3)
OpenSSL 1.1.1l  FIPS 24 Aug 2021
```

@freddii
Author

freddii commented Jan 12, 2022

```
$ tcpdump --version
tcpdump version 4.99.1
libpcap version 1.10.1 (with TPACKET_V3)
OpenSSL 1.1.1m 14 Dec 2021
```

`touch ~/.var/app/com.github.emmanueltouzery.hotwire/data/hotwire/hotwire-record-2` and `sudo touch ~/.var/app/com.github.emmanueltouzery.hotwire/data/hotwire/hotwire-record-2` are working.
hotwire is also creating that file when pressing on capture.

@freddii
Author

freddii commented Jan 12, 2022

Looks like I have problems with folder names with dots in them.
Maybe it's a problem of my setup or tcpdump.
When I change the folder name from "test" to ".test", it fails.

```
$ sudo tcpdump -ni any -s0 --immediate-mode --packet-buffered -w "/home/freddii/test/dump" -B 8192
tcpdump: data link type LINUX_SLL2
tcpdump: listening on any, link-type LINUX_SLL2 (Linux cooked v2), snapshot length 262144 bytes

$ sudo tcpdump -ni any -s0 --immediate-mode --packet-buffered -w "/home/freddii/.test/dump" -B 8192
tcpdump: data link type LINUX_SLL2
tcpdump: /home/freddii/.test/dump: Permission denied
```

so it seems not to be a bug of hotwire.

freddii closed this as completed Jan 12, 2022
@lvlgl

lvlgl commented Feb 15, 2023

I can't get tcpdump to work. Maybe we could create a named pipe in /tmp instead of user's home?

@emmanueltouzery
Owner

in the end tcpdump has to run on your machine, because the flatpak won't have the privileges.

we'd need to establish exactly what's the problem. You can ask hotwire to open a fifo from the GUI. If you use the open menu and ask it to open a fifo. And then you decide where is the fifo on disk.

so you can run any tcpdump command you like, and make it write to a fifo you create yourself wherever the hotwire flatpak can read.
Just use the `mkfifo` command to create it. Let me know if it works out!

@lvlgl

lvlgl commented Feb 22, 2023

This menu does not allow me to open any single file, including a fifo in /tmp with file permissions set to 0777. I was only able to list directories using this menu.

@sysfu

sysfu commented Feb 23, 2023

Having a similar issue attempting to run the prescribed tcpdump command on Elementary OS 6.1 Jolnir (based on Ubuntu 20.4.5 LTS)

```
$ sudo tcpdump -ni any -s0 --immediate-mode --packet-buffered -w /home/user/.var/app/com.github.emmanueltouzery.hotwire/data/hotwire/hotwire-record-2 -B 8192
tcpdump: Couldn't change ownership of savefile
```

@sysfu

sysfu commented Feb 24, 2023

I was able to resolve the issue by manually compiling and installing the current version of tcpdump, 4.99.3

@emmanueltouzery
Owner

> This menu does not allow me to open any single file, including a fifo in /tmp with file permissions set to 0777. I was only able to list directories using this menu.

you can give to the flatpak access to more folders like so:

```
flatpak override --user --filesystem=/tmp com.github.emmanueltouzery.hotwire
```

or check things like:
https://askubuntu.com/questions/1086529/how-to-give-a-flatpak-app-access-to-a-directory

@lvlgl

lvlgl commented Mar 3, 2023

It does have access to the host filesystem, I was talking about the file picker. It is restricted to a certain filetype shown as (None), and I can't choose a pipe because I only see folders everywhere

@emmanueltouzery
Owner

it does display (None) for me as well, but I can pick files. And I am running it as flatpak. So if you gave the access I'm not really sure what's going on.

@lvlgl

lvlgl commented Mar 7, 2023

filesystem=host permission was granted using Flatseal, and the file picker does not show files. It does show directories though


@hariienesh

Same error even if you build from source

```
Capturing on '/home/mind/.local/share/hotwire/hotwire-record-41068'
tcpdump: Couldn't change ownership of savefile
tshark: Unexpected error from select: Interrupted system call.
```
