1 |
>> I'm confused on how to run wireshark on Gentoo. The ebuild says: |
2 |
>> |
3 |
>> * With version 0.99.7, all function calls that require elevated privileges |
4 |
>> * have been moved out of the GUI to dumpcap. WIRESHARK CONTAINS OVER ONE |
5 |
>> * POINT FIVE MILLION LINES OF SOURCE CODE. DO NOT RUN THEM AS ROOT. |
6 |
>> * |
7 |
>> * NOTE: To run wireshark as normal user you have to add yourself into |
8 |
>> * wireshark group. This security measure ensures that only trusted |
9 |
>> * users allowed to sniff your traffic. |
10 |
>> |
11 |
>> I added my user to the wireshark group, but there are no interfaces |
12 |
>> listed in the program. I read: |
13 |
>> |
14 |
>> http://wiki.wireshark.org/CaptureSetup/CapturePrivileges |
15 |
>> |
16 |
>> "Running Wireshark (or any other network capture/analyzer, for that |
17 |
>> matter) on Linux needs root privileges. Therefore, you have to have |
18 |
>> root privileges when starting Wireshark, else you can't capture data." |
19 |
>> |
20 |
>> I'm not sure how to proceed. |
21 |
>> |
22 |
>> - Grant |
23 |
>> |
24 |
>> |
25 |
>> |
26 |
> |
27 |
> |
28 |
> Works as a user here. Here is some info to compare against. |
29 |
> |
30 |
> root@smoker / # emerge -pv wireshark |
31 |
> |
32 |
> These are the packages that would be merged, in order: |
33 |
> |
34 |
> Calculating dependencies... done! |
35 |
> [ebuild R ] net-analyzer/wireshark-1.0.5 USE="caps gtk ipv6 pcap |
36 |
> pcre zlib -adns -gcrypt -gnutls -kerberos -lua -portaudio -profile |
37 |
> (-selinux) -smi -threads" 0 kB |
38 |
> |
39 |
> Total: 1 package (1 reinstall), Size of downloads: 0 kB |
40 |
> root@smoker / # cat /etc/group | grep wireshark |
41 |
> wireshark:x:444:dale |
42 |
> root@smoker / # |
43 |
> |
44 |
> Hope that helps. |
45 |
> |
46 |
> Dale |
47 |
|
48 |
Thanks Dale, my stuff is very similar to your's. I don't know why it |
49 |
isn't finding eth0 and wlan0 (USB wireless). I'll ask on the hardened |
50 |
list in case it's a hardened issue. |
51 |
|
52 |
- Grant |