You are not logged in.

#1 2014-11-09 10:09:52

jaro
Member
Registered: 2013-10-10
Posts: 25

[SOLVED] wireshark - capturing a traffic as a non-root user

Hi,

I want to capture a traffic as a non-root user using a wireshark
I'm a member both of wireshark and network groups.
In spite of that I get the following error message:

    The capture session could not be initiated on interface 'enp0s25' (You don't have permission to capture on that device).
    Please check to make sure you have sufficient permissions, and that you have the proper interface or pipe specified.

The interface enp0s25 exists in my system.

What else should I do.

thanks for help

Last edited by jaro (2014-11-10 16:31:45)

Offline

#2 2014-11-09 10:38:05

erkexzcx
Banned
From: Kaunas
Registered: 2014-09-28
Posts: 77

Re: [SOLVED] wireshark - capturing a traffic as a non-root user

open terminal as regular user and type

$ groups

check if it prints out those 2 groups. Then if it doesn't, try this:

$ sudo su
# usermod -aG additional_groups username

and then reboot pc.

If still doesn't - Am out of ideas. Try to run it as root. If you don't want to always type "sudo wireshark" just follow these steps:

Step 0. Be happy
Step 1. Edit /etc/sudoers file as root
Step 2. Put this line into that file:

<your_username> ALL = NOPASSWD: /usr/bin/wireshark

and save
Step 3. Change your launcher, menu or whatever from "wireshark" to "sudo wireshark" (or gksudo/kdesu instead of sudo, if needed).
Step 4. Have a break. Thats it. big_smile

I also checked arch wiki about permissions - have no idea what could be wrong. Try my steps, it might help you.


Allergic to admins&moderators. They scare me.

Offline

#3 2014-11-09 12:00:11

Spider.007
Member
Registered: 2004-06-20
Posts: 1,175

Re: [SOLVED] wireshark - capturing a traffic as a non-root user

What happens if you run /usr/bin/dumpcap manually in the cli?

Last edited by Spider.007 (2014-11-09 12:01:59)

Offline

#4 2014-11-09 22:36:35

herOldMan
Member
Registered: 2013-10-11
Posts: 132

Re: [SOLVED] wireshark - capturing a traffic as a non-root user

Offline

#5 2014-11-10 16:31:25

jaro
Member
Registered: 2013-10-10
Posts: 25

Re: [SOLVED] wireshark - capturing a traffic as a non-root user

Thanks all of you for help.
The final solution was:
setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/sbin/dumpcap

Offline

Board footer

Powered by FluxBB