From: Grant
To: gentoo-user@lists.gentoo.org
Subject: Re: [gentoo-user] Wireshark on Gentoo
Date: Mon, 26 Jan 2009 12:25:33 -0800
Message-ID: <49bf44f10901261225h7c7fd7cbg4cea442e05c56340@mail.gmail.com>
In-Reply-To: <497E031D.9020107@gmail.com>

>> I'm confused on how to run wireshark on Gentoo. The ebuild says:
>>
>> * With version 0.99.7, all function calls that require elevated privileges
>> * have been moved out of the GUI to dumpcap. WIRESHARK CONTAINS OVER ONE
>> * POINT FIVE MILLION LINES OF SOURCE CODE. DO NOT RUN THEM AS ROOT.
>> *
>> * NOTE: To run wireshark as normal user you have to add yourself into
>> * wireshark group. This security measure ensures that only trusted
>> * users allowed to sniff your traffic.
>>
>> I added my user to the wireshark group, but there are no interfaces
>> listed in the program. I read:
>>
>> http://wiki.wireshark.org/CaptureSetup/CapturePrivileges
>>
>> "Running Wireshark (or any other network capture/analyzer, for that
>> matter) on Linux needs root privileges. Therefore, you have to have
>> root privileges when starting Wireshark, else you can't capture data."
>>
>> I'm not sure how to proceed.
>>
>> - Grant
>>
>>
>>
>
>
> Works as a user here. Here is some info to compare against.
>
> root@smoker / # emerge -pv wireshark
>
> These are the packages that would be merged, in order:
>
> Calculating dependencies... done!
> [ebuild R ] net-analyzer/wireshark-1.0.5 USE="caps gtk ipv6 pcap
> pcre zlib -adns -gcrypt -gnutls -kerberos -lua -portaudio -profile
> (-selinux) -smi -threads" 0 kB
>
> Total: 1 package (1 reinstall), Size of downloads: 0 kB
> root@smoker / # cat /etc/group | grep wireshark
> wireshark:x:444:dale
> root@smoker / #
>
> Hope that helps.
>
> Dale

Thanks Dale, my stuff is very similar to yours. I don't know why it
isn't finding eth0 and wlan0 (USB wireless). I'll ask on the hardened
list in case it's a hardened issue.

- Grant