#[cfg(target_os = "linux")]
pub fn ensure_caps() -> anyhow::Result<()> {
if caps::has_cap(None, caps::CapSet::Permitted, caps::Capability::CAP_NET_RAW)? {
caps::raise(None, caps::CapSet::Effective, caps::Capability::CAP_NET_RAW)?;
} else {
eprintln!("capability CAP_NET_RAW is required, see https://github.com/fujiapple852/trippy#privileges");
std::process::exit(-1);
}
Ok(())
}
#[cfg(target_os = "linux")]
pub fn drop_caps() -> anyhow::Result<()> {
caps::clear(None, caps::CapSet::Effective)?;
Ok(())
}
#[cfg(all(unix, not(target_os = "linux")))]
#[allow(clippy::unnecessary_wraps)]
pub fn ensure_caps() -> anyhow::Result<()> {
if !nix::unistd::Uid::effective().is_root() {
eprintln!("root user required to use raw sockets, see https://github.com/fujiapple852/trippy#privileges");
std::process::exit(-1);
}
Ok(())
}
#[cfg(all(unix, not(target_os = "linux")))]
#[allow(clippy::unnecessary_wraps)]
pub fn drop_caps() -> anyhow::Result<()> {
Ok(())
}
#[cfg(not(unix))]
#[allow(clippy::unnecessary_wraps)]
pub fn ensure_caps() -> anyhow::Result<()> {
Ok(())
}
#[cfg(not(unix))]
pub fn drop_caps() -> anyhow::Result<()> {
Ok(())
}