On 08/01/2019 13.33, Andreas Stieger wrote:
Hello,
On 1/8/19 1:24 PM, Rodney Baker wrote:
This came out of a discussion a few weeks ago on the regular opensuse mailing list. Someone mentioned that Wireshark still needs to be run as root on openSuSE, however, for some time now, Wireshark has had privilege separation to allow the UI to be run as the logged-in user will still allowing libpcap privileged access to be able to perform packet capture.
This is already implemented. From package changelog:
- Use capabilities to be able to run capture as a non-root user. In easy system permissions mode all users can capture traffic. In secure system permissions mode, must be added to the wireshark group to capture.
See https://bugzilla.opensuse.org/show_bug.cgi?id=957624
If it is not already, this should be made the default in openSuSE. Does this need a bugzilla?
Actually it should NOT be the default, as general network package capturing should be limited to specific users. In this case those added to the wireshark group.
I don't have a wireshark group (Leap 15.0) Telcontar:~ # grep wire /etc/group Telcontar:~ # Telcontar:~ # grep dumpcap /etc/permissions.easy /usr/bin/dumpcap root:root 0755 Is it just enough for me to add it, or must I run some script? Document somewhere? -- Cheers / Saludos, Carlos E. R. (from 15.0 x86_64 at Telcontar)