But when you run it from command line, are you running it from the www-data user? My guess is that you are using some kind of user or root account. Does www-data have access to /var/www/html/temp/testing.pcap and is it capturing to a directory that also has write permission for www-data?
Try logging in as www-data and see if you can write to the places your capture needs to write to. It sounds like a simple permissions issue to me.
But when you run it from command line, are you running it from the www-data user?
No, I am logged in as testuser
Does www-data have access to /var/www/html/temp/testing.pcap and is it capturing to a directory that also has write permission for www-data?
Yes, www-data has write permissions to that folder. I can create and edit files within that folder from web pages.
Try logging in as www-data
I don;t know what the default password would be. Apache is the one that assigns username www-data but I can;t find what the default password is.
i’m not 100% sure that sudoers file looks right
Thanks. I fixed the spacing but still have the same problem.
The reason why I use the line www-data ALL=(testuser) NOPASSWD: /usr/sbin/*tcpdump*
is to have user www-data run as testuser but this is not working from the webpage
Or maybe there is another method to run tcpdump from a web page?
Not generally, because running programs from a web interface is an open invitation to DDoS your server (“You mean I can make your computer do a command at whim by opening a webpage? What if i open 100,000 webpages all at once?”). But I digress.
Random google searches did turn up a comment to make sure you don’t have a requiretty directive in the sudoers file…