The more i read about this, the less i like (or understand) the wireshark implementation/integration in Ubuntu. If you are only using wireshark for analyzing capture files, then fine. But if you are actually using these tools for capturing packets, then Ubuntu will not make your life easier.
No such thing as a "launch wireshark as root" menu item. And if you try to use the terminal instead (having learned that wireshark as root is pure evil), then you will discover, by trial and error, that you cannot really write capture files to your own home folder, even with sudo. Secure? Sure. User friendly? No. However, I'm very pleased to read that this can be fixed by running dpkg-reconfigure, and then adding yourself to the wireshark group, but this should really be the default behavior. On 6/14/11, Balint Reczey <bal...@balintreczey.hu> wrote: > Please see README.Debian on your system [2] or at the package repository > [1]. > > The dropping of privileges is intentional and users are encouraged to use > the Linux Capabilities system > for capturing. > > References: > [1] > http://anonscm.debian.org/viewvc/collab-maint/ext-maint/wireshark/trunk/debian/README.Debian?revision=18692&view=markup > [2] file:///usr/share/doc/wireshark-common/README.Debian > [3] http://wiki.wireshark.org/CaptureSetup/CapturePrivileges > > -- > You received this bug notification because you are subscribed to the bug > report. > https://bugs.launchpad.net/bugs/389467 > > Title: > sudo dumpcap will not write output files to ~/ > > Status in “wireshark” package in Ubuntu: > Invalid > > Bug description: > Binary package hint: wireshark-common > > dumpcap from wireshark-common (wireshark 1.07 release) will not write > its output to ~/ (with sudo). > > $ sudo dumpcap -i eth0 -w ~/test.cap > The file to which the capture would be saved ("/home/sune/test.cap") could > not be opened: Permission denied. > > whereas > > sudo dumpcap -i eth0 -w /tmp/test.cap > File: /tmp/test.cap > Packets: 3 > .... > > or even > > sudo dumpcap -i eth0 -w /home/test.cap > File: /tmp/test.cap > Packets: 3 > > work fine! > > (sudo is needed for packet capturing, so it does not make sense to > invoke dumpcap as a normal user.) > > > I can replicate this issue on three different ubuntu 9.04 installations > (server x86, desktop x86, desktop x64). > > Hope you can take a look at this, thank! > > /Sune > --- > Architecture: amd64 > DistroRelease: Ubuntu 11.04 > NonfreeKernelModules: nvidia > Package: wireshark 1.4.6-1 > PackageArchitecture: amd64 > ProcEnviron: > LANGUAGE=en_US:en > PATH=(custom, no user) > LANG=en_US.UTF-8 > SHELL=/bin/bash > ProcVersionSignature: Ubuntu 2.6.38-8.42-generic 2.6.38.2 > Tags: natty > Uname: Linux 2.6.38-8-generic x86_64 > UpgradeStatus: No upgrade log present (probably fresh install) > UserGroups: > > To manage notifications about this bug go to: > https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/389467/+subscriptions > -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/389467 Title: sudo dumpcap will not write output files to ~/ To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/wireshark/+bug/389467/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
