Re: Running Wireshark as non-root in Squeeze
On Thu, 04 Aug 2011 15:37:46 +0100, Tony van der Hoff wrote:
> Thanks for your reply Cameleón.
>
> On 04/08/11 15:26, Camaleón wrote:
>> On Thu, 04 Aug 2011 13:02:09 +0100, Tony van der Hoff wrote:
>>
>>> I'm trying to get Wireshark to work in non-root mode in Squeeze. There
>>> is a sort of how-to at /usr/share/doc/wireshark-common/README.Debian,
>>> but to be honest, I don't understand it.
>>
>> Mmm... did you configure it as "I.a" or "I.b"? Do you have a
>> customized/ vanilla kernel or Debian's stock one?
>>
> Configure what, how? I can find no configuration files.
Configure as readme file says :-)
It seems there are two ways to setup wireshark (from readme file):
***
I./a. Installing dumpcap and allowing non-root users to capture packets
I./b. Installing dumpcap without allowing non-root users to capture
packets
The installation method can be changed any time by running:
dpkg-reconfigure wireshark-common
***
What did you select?
> Using Debian's stock amd64 kernel.
Then method I.a should work.
>> Readme file says that you have to manually add the users to wireshark
>> group. And I bet that running the app as root will also work.
>>
> Well, as I said, there is no wireshark group. Perhaps that is the
> problem.
My wild-guess is that selecting the install method I.a should have
created the "wireshark" group accordingly or at least it what I would
have expected :-?
> Running as root does indeed work, but pops up a dire warning that it's
> dangerous to do so. I don't particularly want to run as root.
Wireshark needs high priviledge access to network interfaces (like
tcpdump and related tools) to put network adapter in promiscous mode so
running the app as root has always been the usual method.
Greetings,
--
Camaleón
Reply to: