Managing BPF device permissions on macOS.
chmod-bpf is a helper utility that focuses on two things:
- Auditing the current BPF device permissions so you immediately know whether packet capture tools will work.
- Installing or uninstalling the hardened launch daemon, scripts, and groups that keep
/dev/bpf*devices accessible to trusted operators.
- Check current BPF device permissions.
- Install and uninstall a daemon to automatically manage BPF device permissions.
- Simple CLI interface for easy interaction.
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/shellrow/chmod-bpf/releases/latest/download/chmod-bpf-installer.sh | shcargo install chmod-bpfgit clone https://github.com/shellrow/chmod-bpf.git
cd chmod-bpf
cargo build --releaseThe CLI exposes three subcommands:
check- Audits BPF permissions, group membership, and known daemon configurations.install- Installs the launch daemon, helper scripts, andaccess_bpfgroup. Requiressudo.uninstall- Removes all helper assets and tears down the daemon. Requiressudo.
Every administrative subcommand accepts -y/--yes to skip the confirmation prompt when you are scripting the tool.
Inspect the current permissions
chmod-bpf checkInstall everything
sudo chmod-bpf installRemove every asset that was previously installed
sudo chmod-bpf uninstall