tcpdump
-Zroot still calls setuid under Linux namespaces
When tcpdump (compiled with -DWITH_USER='"tcpdump"') is run under a Linux user namespace, getuid()==0 but setuid(0) will fail with EPERM. tcpdump's documentation says that the -Z root option disables the setuid call, but this is not actually the case. Instead, tcpdump cannot be used in a uid namespace:
$ unshare -Urn
# ip link add br0 type bridge
# ip link set br0 up
# tcpdump -ibr0 -lvn
tcpdump: Couldn't change to 'tcpdump' uid=137 gid=146: Operation not permitted
# tcpdump -Zroot -ibr0 -lvn
tcpdump: Couldn't change to 'root' uid=0 gid=0: Operation not permitted
I have provided a patch at https://github.com/the-tcpdump-group/tcpdump/pull/967. With this, tcpdump -Zroot works fine under Linux namespaces.
Version information:
# tcpdump --version
tcpdump version 4.99.1
libpcap version 1.10.1 (with TPACKET_V3)
OpenSSL 3.0.2 15 Mar 2022
# uname -a
Linux cwm 5.15.0-43-generic #46-Ubuntu SMP Tue Jul 12 10:30:17 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
# lsb_release -a
Distributor ID: Ubuntu
Description: Ubuntu 22.04.1 LTS
Release: 22.04
Codename: jammy
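
One way to make -Z root a true no-op, as an added example (not tcpdump's code and not the patch in the linked pull request): skip every credential-changing call when the process already has the requested uid and gid. The helper names needs_cred_change and drop_to are hypothetical; the error format mirrors the message shown in the report.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper: 1 if any credential-changing call is required to
 * become want_uid/want_gid, 0 if the process already has that identity. */
int needs_cred_change(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid,
                      uid_t want_uid, gid_t want_gid)
{
    return !(ruid == want_uid && euid == want_uid &&
             rgid == want_gid && egid == want_gid);
}

/* Hypothetical helper: 0 on success or no-op, -1 on failure. */
int drop_to(const char *username)
{
    struct passwd *pw = getpwnam(username);
    if (pw == NULL) {
        fprintf(stderr, "Couldn't find user '%s'\n", username);
        return -1;
    }
    /* Already the requested identity (e.g. -Z root while uid 0): make no
     * initgroups/setgid/setuid call at all, so none of them can fail. */
    if (!needs_cred_change(getuid(), geteuid(), getgid(), getegid(),
                           pw->pw_uid, pw->pw_gid))
        return 0;
    if (initgroups(pw->pw_name, pw->pw_gid) != 0 ||
        setgid(pw->pw_gid) != 0 || setuid(pw->pw_uid) != 0) {
        fprintf(stderr, "Couldn't change to '%s' uid=%lu gid=%lu: %s\n",
                username, (unsigned long)pw->pw_uid,
                (unsigned long)pw->pw_gid, strerror(errno));
        return -1;
    }
    /* Verify the drop took effect rather than trusting return codes alone. */
    if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) return -1;
    return 0;
}

int main(int argc, char **argv)
{
    return drop_to(argc > 1 ? argv[1] : "root") == 0 ? 0 : 1;
}
```

A real drop to an unprivileged user still goes through the full initgroups/setgid/setuid sequence and is checked afterwards; only the case where nothing would change is short-circuited.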