From 81487c8b36be124b25dd725d06e3dde7dc3cc5f4 Mon Sep 17 00:00:00 2001
From: Max <msuraev@sysmocom.de>
Date: Mon, 18 Mar 2019 14:18:31 +0100
Subject: [PATCH] Use dumpcap for ttcn3-tcpdump-*.sh if available

Check if dumpcap is installed (either as suid or with appropriate
capabilities) and use it for packet capture instead of
'sudo tcpdump' if available. This makes it easier to use TTCN-3
testsuite as regular user without altering sudoers.

Change-Id: I77df04d51a469c924cf727f0596cc33565909746
---
 ttcn3-tcpdump-start.sh | 16 ++++++++++++++++
 ttcn3-tcpdump-stop.sh  |  3 ++-
 2 files changed, 18 insertions(+), 1 deletion(-)

diff --git a/ttcn3-tcpdump-start.sh b/ttcn3-tcpdump-start.sh
index b8ad01acd..9bf3c0aa4 100755
--- a/ttcn3-tcpdump-start.sh
+++ b/ttcn3-tcpdump-start.sh
@@ -2,6 +2,7 @@
 
 PIDFILE=/tmp/dumper.pid
 TCPDUMP=/usr/sbin/tcpdump
+DUMPCAP=/usr/bin/dumpcap
 TESTCASE=$1
 
 echo "------ $TESTCASE ------"
@@ -23,6 +24,21 @@ else
 # "laforge ALL=NOPASSWD: /usr/sbin/tcpdump, /bin/kill" in your sudoers file
 	CMD="sudo $TCPDUMP -U"
 fi
+
+if [ -x $DUMPCAP ]; then
+    CAP_ERR="1"
+    if [ -x /sbin/setcap ]; then
+	# N. B: this check requires libcap2-bin package
+	setcap -q -v 'cap_net_admin,cap_net_raw=pie' $DUMPCAP
+	CAP_ERR="$?"
+    fi
+    if [ -u $DUMPCAP -o "$CAP_ERR" = "0" ]; then
+	CMD="$DUMPCAP -q"
+    else
+ 	echo "NOTE: unable to use dumpcap due to missing capabilities or suid bit"
+    fi
+fi
+
 $CMD -s 1500 -n -i any -w "$TTCN3_PCAP_PATH/$TESTCASE.pcap" >$TTCN3_PCAP_PATH/$TESTCASE.pcap.stdout 2>&1 &
 PID=$!
 echo $PID > $PIDFILE
diff --git a/ttcn3-tcpdump-stop.sh b/ttcn3-tcpdump-stop.sh
index f53cf5d19..c1ab9d080 100755
--- a/ttcn3-tcpdump-stop.sh
+++ b/ttcn3-tcpdump-stop.sh
@@ -32,7 +32,8 @@ do
 done
 
 if [ -e $PIDFILE ]; then
-	if [ "$(id -u)" = "0" ]; then
+        DUMPER="$(ps -q "$(cat "$PIDFILE")" -o comm=)"
+	if [ "$DUMPER" != "sudo" ]; then
 		kill "$(cat "$PIDFILE")"
 	else
 	# NOTE: This requires you to be root or something like