Hi all.
Wireshark… network packet sniffer. When opening it as user I had no capturing interfaces to use as a source for sniffing. I don’t feel comfortable running Wireshark as root. Nothing should be run with root privileges unless there is absolutely no other option. So I have decided to mess around with Wireshark and to enable the packet capturing for a non-root user. After a bit of search online I was able to do so.
Here is how.
I assume that You have PCLinuxOS installed / fully upgraded and that You have installed Wireshark.
Run those commands to allow non-root user the Wireshark access:
su
give it a root password
apt-get --yes install libpcap libcap-utils
give it some time to finish.
groupadd wireshark
usermod -a -G wireshark andrzejl
You need to change andrzejl to Your login.
chgrp wireshark /usr/bin/dumpcap
chmod 750 /usr/bin/dumpcap
chmod o+x /usr/bin/dumpcap
setcap cap_net_raw,cap_net_admin=eip /usr/sbin/dumpcap
getcap /usr/bin/dumpcap
after that You can run:
exit
wireshark
This will start Wireshark from Your user account. You should now have access to the capturing interfaces.
Hope this helps somebody someday.
Andy
