[Bug 483106] Re: cannot perform packet captures as a regular user
Balint Reczey
balint at balintreczey.hu
Sun Dec 6 00:38:27 UTC 2009
Copying README.Debian [0] here:
Capturing packets with Wireshark/Tshark
There are two ways of installing Wireshark/Tshark on Debian:
I. Installing dumpcap with SETUID bit set
Members of group wireshark will be able to capture packets on network
interfaces. This is the preferred way of installation if Wireshark/Tshark
will be used for capturing and displaying packets at the same time, since
that way only the dumpcap process has to be run with root privileges
thanks to the privilege separation[1].
Note that no user will be added to group wireshark automatically, the system
administrator has to add them manually.
II. Installing dumpcap without SETUID bit set
Only root user will be able to capture packets. It is advised to capture
packets with the bundled dumpcap program as root and then run Wireshark/Tshark
as an ordinary user to analyze the captured logs. [2]
The installation method can be changed anytime by running:
dpkg-reconfigure wireshark-common
[1] http://wiki.wireshark.org/Development/PrivilegeSeparation
[2] http://wiki.wireshark.org/CaptureSetup/CapturePrivileges
[0] http://svn.debian.org/wsvn/collab-maint/ext-
maint/wireshark/trunk/debian/README.Debian
--
cannot perform packet captures as a regular user
https://bugs.launchpad.net/bugs/483106
You received this bug notification because you are a member of Ubuntu
Bugs, which is a direct subscriber.
--
ubuntu-bugs mailing list
ubuntu-bugs at lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
More information about the universe-bugs
mailing list