From e4420fbfc62708879e60dc0975005c08aa69ef9a Mon Sep 17 00:00:00 2001 From: Teoh Han Hui Date: Sat, 22 May 2021 01:48:20 +0800 Subject: [PATCH] Fix setcap example * Use POSIX sh command substitution syntax * Use `command -v` shell built-in instead of `which` --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 00a0a0b6f..91260d08a 100644 --- a/README.md +++ b/README.md @@ -125,7 +125,7 @@ OPTIONS: On Linux, you can give the `bandwhich` binary a permanent capability to use the required privileges, so that you don't need to use `sudo bandwhich` anymore: ```bash -sudo setcap cap_sys_ptrace,cap_dac_read_search,cap_net_raw,cap_net_admin+ep `which bandwhich` +sudo setcap cap_sys_ptrace,cap_dac_read_search,cap_net_raw,cap_net_admin+ep $(command -v bandwhich) ``` `cap_sys_ptrace,cap_dac_read_search` gives `bandwhich` capability to list `/proc//fd/` and resolve symlinks in that directory. It needs this capability to determine which opened port belongs to which process. `cap_net_raw,cap_net_admin` gives `bandwhich` capability to capture packets on your system.