Bug 45305

Summary: RFE: arpwatch to default to dropping root
Product: [Retired] Red Hat Raw Hide Reporter: Pekka Savola <pekkas>
Component: tcpdumpAssignee: Harald Hoyer <harald>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 1.0Keywords: FutureFeature
Target Milestone: ---   
Target Release: ---   
Hardware: i386   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2001-06-21 10:06:50 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Pekka Savola 2001-06-21 10:06:47 UTC 
Default /etc/sysconfig/arpwatch should be created, which would cause
arpwatch to
relinquish root privileges when run in the default installation.

'arpwatch' or something more generic, like 'tcpdump' or 'pcap' uid/gid
should be 
reserved for this (tcpdump, when used for monitoring can also drop privs,
ethereal?, ...)
Comment 1 Harald Hoyer 2001-07-19 13:05:53 UTC 
created default /etc/sysconfig/arpwatch with OPTIONS="-u daemon"
Comment 2 Pekka Savola 2001-07-19 13:08:49 UTC 
Please note that /var/arpwatch must also be made owned by the same uid, and (at
least some)
files there too.