[SOLVED] Wireshark from a non root user

xartii · 2012-09-07 06:51:16

Hi,

Recently I've tried to install wireshark. I wanted to use it from my everyday user. However I encountered a problem during the installation

Failed to set capabilities on file `/usr/bin/dumpcap' (Operation not supported)
usage: setcap [-q] [-v] (-r|-|<caps>) <filename> [ ... (-r|-|<capsN>) <filenameN> ]

 Note <filename> must be a regular (non-symlink) file.

After installation I added my user to wireshark group.
So first thing I did was checking if /usr/bin/dumpcap is not a symlink to something else but it isn't.

Then I went to the wireshark page which gave me this solution:

setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap

But it gives the same error. I figured out a simple workaround. I gave dumpcap a +s bit.
But I'd like to know if it's secure or is there a better way of doing this?

Last edited by xartii (2012-09-07 11:01:47)

tasos · 2012-09-07 10:06:44

Hi,

what filesystem are you using in /usr ? Does it support capabilities?

xartii · 2012-09-07 11:01:28

Oh, silly me. I forgot to compile the capabilities support for ext4 in my custom kernel. Topic may be closed.
And also if any mod feels it's in a wrong category it may be transferred.

Thanks,
xartii

Arch Linux

#1 2012-09-07 06:51:16

[SOLVED] Wireshark from a non root user

#2 2012-09-07 10:06:44

Re: [SOLVED] Wireshark from a non root user

#3 2012-09-07 11:01:28

Re: [SOLVED] Wireshark from a non root user

Board footer