Wireshark mailing list archives
Re: dumpcap permissions - Quick help for Ubuntu newbie needed
From: "RUOFF, LARS (LARS)** CTR **" <lars.ruoff () alcatel-lucent com>
Date: Thu, 22 Mar 2012 10:32:24 +0100
$ sudo chmod +s /path/to/dumpcap Nice! Didn't know that. Thanks Chris.
From the alarm-red color ls now prints /path/to/dumpcap on my console I conclude there might be some security risk here ;-), but as in my case it's in an isolated lab system, it's fine for me.
Lars -----Original Message----- From: wireshark-users-bounces () wireshark org [mailto:wireshark-users-bounces () wireshark org] On Behalf Of Christopher Maynard Sent: mercredi 21 mars 2012 17:14 To: wireshark-users () wireshark org Subject: Re: [Wireshark-users] dumpcap permissions - Quick help for Ubuntu newbie needed RUOFF, LARS (LARS)** CTR ** <lars.ruoff@...> writes:
Ok, just for completeness so it might help others too, i need to be root AND
in root's home dir to caputre: One possible solution? $ sudo chmod +s /path/to/dumpcap $ ls -l /path/to/dumpcap -rwsr-sr-x 1 root root 66040 Oct 6 2010 /path/to/dumpcap* $ whoami dummy $ dumpcap -w test.pcap File: test.pcap Packets: 19 Packets dropped: 0 $ ls -l test.pcap -rw------- 1 dummy users 1920 Mar 21 12:06 test.pcap In this case, the user and group are what I would expect. Another possible solution? $ sudo visudo # Defaults specification Defaults stay_setuid :wq $ sudo chmod -s /path/to/dumpcap $ ls -l /path/to/dumpcap -rwxr-xr-x 1 root root 66040 Oct 6 2010 /path/to/dumpcap* $whoami dummy $ dumpcap -w test.pcap File: test.pcap Packets: 26 Packets dropped: 0 $ ls -l test.pcap -rw------- 1 dummy root 2626 Mar 21 12:10 test.pcap In this case, the user is what I would expect, but the group isn't. I'm not sure how to get the group to be "users" instead of "root". I tried adding preserve_groups to the sudoers file, but that didn't work. - Chris ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe ___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- dumpcap permissions - Quick help for Ubuntu newbie needed RUOFF, LARS (LARS)** CTR ** (Mar 20)
- Re: dumpcap permissions - Quick help for Ubuntu newbie needed Unuetzer, Christian (AMOS SE) (Mar 20)
- Re: dumpcap permissions - Quick help for Ubuntu newbie needed RUOFF, LARS (LARS)** CTR ** (Mar 20)
- Re: dumpcap permissions - Quick help for Ubuntu newbie needed Joerg Mayer (Mar 20)
- Re: dumpcap permissions - Quick help for Ubuntu newbie needed RUOFF, LARS (LARS)** CTR ** (Mar 21)
- Re: dumpcap permissions - Quick help for Ubuntu newbie needed Wes (Mar 21)
- Re: [Wireshark-users] dumpcap permissions - Quick help for Ubuntu newbie needed Christopher Maynard (Mar 21)
- Re: dumpcap permissions - Quick help for Ubuntu newbie needed RUOFF, LARS (LARS)** CTR ** (Mar 22)
- Re: dumpcap permissions - Quick help for Ubuntu newbie needed Tony Trinh (Mar 22)
- Re: dumpcap permissions - Quick help for Ubuntu newbie needed RUOFF, LARS (LARS)** CTR ** (Mar 20)
- Re: dumpcap permissions - Quick help for Ubuntu newbie needed Unuetzer, Christian (AMOS SE) (Mar 20)
- Re: dumpcap permissions - Quick help for Ubuntu newbie needed Unuetzer, Christian (AMOS SE) (Mar 21)