2014-07-13 18:51 GMT+02:00 Vadim Zhukov <persg...@gmail.com>:
> 2014-07-13 17:50 GMT+02:00 Landry Breuil <lan...@rhaalovely.net>:
>> Hi,
>>
>> so it's been a while this hasn't been debated, and i think the general
>> consensus is now 'why are we applying stronger stance against wireshark
>> compared to other monsters in the tree?' - right now, ppl are either
>> installing it themselves from source, not updating it, running it as
>> root, fiddling with perms on bpf, etc.
>>
>> The idea is to import it (and update it!), the binary doing the capture
>> and needing privileges is separated (but DOESNT do privdrop), so we
>> might aswell install it setuid root, group _wireshark and mode 4550.
>>
>> This way, only users in the _wireshark group (gid 735 to reserve) might
>> be able to do captures, and only the captures are done as root. Almost
>> works ootb, you just need to add yourself to _wireshark. Might warrant a
>> MESSAGE ?
>
> More likely, a README.
>
>> This is exactly
>> https://github.com/jasperla/openbsd-wip/tree/master/net/wireshark,
>> updated to 1.10.8, with all the flavor goos removed (python is broken,
>> why bother with a gtk2 version, etc). Python support might come back if
>> fixed in the devel version (which moved to qt) but atm the latter is
>> only at 1.12.0rc2, while 1.8/1.10 has been somewhat tested.
>>
>> oks to import/bikeshed ?
>
> 1. What's the point in having similar VER and WVER?
> 2. Commented out CFLAGS in port Makefile?
>
> Now to build&run cycle...
Build fine, and port-lib-depends-check complained that -main is
missing -llua5.2 - maybe something should move from -main to -text?
Otherwise, ${MODLUA_WANTLIB} should move to WANTLIB.
Otherwise, looks okay to at least import it now.
--
WBR,
Vadim Zhukov
