
Re: Wireshark: how can I give rights to interfaces without launching it as root?



Celejar wrote:
> [Please don't cc. me.]
>
> On Fri, 25 Jun 2010 21:29:50 +0200
> Merciadri Luca <Luca.Merciadri@student.ulg.ac.be> wrote:
>
>   
>
> Different README; mine doesn't have that stuff, but:
>
> I. Capturing packets with Wireshark/Tshark
>
>    There are two ways of installing Wireshark/Tshark on Debian:
>
>    I./a. Installing dumpcap and allowing non-root users to capture packets
>
>       Members of the wireshark group will be able to capture packets on network 
>       interfaces. This is the preferred way of installation if Wireshark/Tshark
>       will be used for capturing and displaying packets at the same time, since
>       that way only the dumpcap process has to be run with elevated privileges 
>       thanks to the privilege separation[1].
>
>       Note that no user will be added to group wireshark automatically, the 
>       system administrator has to add them manually.
>
>       The additional privileges are provided using the Linux Capabilities
>       system where possible or using the set-user-id bit, where the Linux 
>       Capabilities are not present (Debian GNU/kFreeBSD, Debian GNU/Hurd).
>
>       Linux kernels provided by Debian support Linux Capabilities, but custom
>       built kernels may lack this support. If the support for Linux
>       Capabilities is not present at the time of installing wireshark-common
>       package, the installer will fall back to set the set-user-id bit to
>       allow non-root users to capture packets.
>
>       If installation succeeds with using Linux Capabilities, non-root users
>       will not be able to capture packets while running kernels not supporting
>       Linux Capabilities.
>
>     I./b. Installing dumpcap without allowing non-root users to capture packets
>
>       Only root user will be able to capture packets. It is advised to capture
>       packets with the bundled dumpcap program as root and then run 
>       Wireshark/Tshark as an ordinary user to analyze the captured logs. [2]
>       
>       
>    The installation method can be changed any time by running:
>    dpkg-reconfigure wireshark-common
>   
Thanks. Exactly what I wanted.

-- 
Merciadri Luca
See http://www.student.montefiore.ulg.ac.be/~merciadri/
I use PGP. If there is an incompatibility problem with your mail
client, please contact me.


The eyes are the window of the soul.
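
Added example (not part of this thread or of the Debian README): a check that tells which of the README's mechanisms a dumpcap binary is using and who can capture as a result. The path /usr/bin/dumpcap, the capability name cap_net_raw, the use of GNU stat and getcap, and both function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: classify how dumpcap obtains capture privilege.
# Assumptions (not from the README): the binary lives at /usr/bin/dumpcap and
# the file capability set includes cap_net_raw.

# dumpcap_mode MODE GROUP CAPS   (hypothetical helper)
#   MODE  octal permissions as printed by `stat -c %a` (e.g. 754 or 4754)
#   GROUP owning group as printed by `stat -c %G`
#   CAPS  output of `getcap FILE` (empty when no file capabilities are set)
# Prints "<mechanism> <who-can-capture>".
dumpcap_mode() {
    mode=$1 group=$2 caps=$3
    case "$caps" in
        *cap_net_raw*) mech=capabilities ;;
        *)  case "$mode" in
                [4567][0-7][0-7][0-7]) mech=setuid ;;   # set-user-id bit present
                *) echo "none root-only"; return 0 ;;   # method I./b
            esac ;;
    esac
    other=${mode#"${mode%?}"}          # last octal digit: permissions for others
    rest=${mode%?}
    grp=${rest#"${rest%?}"}            # second-to-last digit: permissions for group
    case "$other" in
        [1357]) echo "$mech everyone"; return 0 ;;      # execute bit set for others
    esac
    case "$grp" in
        [1357]) echo "$mech group:$group" ;;
        *)      echo "$mech owner-only" ;;
    esac
}

# audit_dumpcap [PATH]: gather the three facts from a live system and classify.
audit_dumpcap() {
    f=${1:-/usr/bin/dumpcap}
    [ -e "$f" ] || { echo "missing"; return 0; }
    caps=$(getcap "$f" 2>/dev/null || true)
    dumpcap_mode "$(stat -c %a "$f")" "$(stat -c %G "$f")" "$caps"
}

# Constructed sample inputs, one per situation the README describes.
dumpcap_mode 754  wireshark '/usr/bin/dumpcap cap_net_admin,cap_net_raw=eip'
dumpcap_mode 4754 wireshark ''
dumpcap_mode 755  root ''
dumpcap_mode 4755 root ''    # misconfiguration: any local user can capture
```

A result of "everyone" means the privileged binary is executable by all local users rather than only by members of the wireshark group; run audit_dumpcap on the host to check the installed file.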
