[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Running Wireshark as non-root in Squeeze

On Thu, 04 Aug 2011 15:37:46 +0100, Tony van der Hoff wrote:

> Thanks for your reply Cameleón.
> On 04/08/11 15:26, Camaleón wrote:
>> On Thu, 04 Aug 2011 13:02:09 +0100, Tony van der Hoff wrote:
>>> I'm trying to get Wireshark to work in non-root mode in Squeeze. There
>>> is a sort of how-to at /usr/share/doc/wireshark-common/README.Debian,
>>> but to be honest, I don't understand it.
>> Mmm... did you configure it as "I.a" or "I.b"? Do you have a
>> customized/ vanilla kernel or Debian's stock one?
> Configure what, how? I can find no configuration files.

Configure as readme file says :-)

It seems there are two ways to setup wireshark (from readme file):

I./a. Installing dumpcap and allowing non-root users to capture packets
I./b. Installing dumpcap without allowing non-root users to capture 

The installation method can be changed any time by running:
dpkg-reconfigure wireshark-common

What did you select?

> Using Debian's stock amd64 kernel.

Then method I.a should work.

>> Readme file says that you have to manually add the users to wireshark
>> group. And I bet that running the app as root will also work.
> Well, as I said, there is no wireshark group. Perhaps that is the
> problem.

My wild-guess is that selecting the install method I.a should have 
created the "wireshark" group accordingly or at least it what I would 
have expected :-?
> Running as root does indeed work, but pops up a dire warning that it's
> dangerous to do so. I don't particularly want to run as root.

Wireshark needs high priviledge access to network interfaces (like 
tcpdump and related tools) to put network adapter in promiscous mode so 
running the app as root has always been the usual method.



Reply to: