How to run Wireshark with user rights

by Artem Sidorenko

It is often necessary to run Wireshark with normal user rights instead of as root.

Installation

Install Wireshark. On Fedora and Red Hat based distributions:

yum install wireshark-gnome

Create a new user group

groupadd wireshark

Add the users to the new group, either by editing /etc/group or with gpasswd. The resulting entry in /etc/group looks like this:

wireshark:x:6668:user1,user2

Permissions of dumpcap

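Change the owner and permissions of dumpcap. Mode 6550 sets the setuid and setgid bits, lets root and members of the wireshark group read and execute the binary, and removes all access for other users.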

chown root:wireshark `which dumpcap`
chmod 6550 `which dumpcap`

Change the startup procedure

On RH-based distros, consolehelper is used as a wrapper that prompts for the root password for applications that need root permissions. Check where /usr/bin/wireshark points:

ls -l /usr/bin/wireshark

We don’t need it anymore, so we change this symlink.

unlink /usr/bin/wireshark
ln -s /usr/sbin/wireshark /usr/bin/wireshark

From now on, /usr/bin/wireshark starts the right Wireshark application directly.
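To confirm the result of the steps above, the following check script is an added example and not part of the original post. The function names and the `--audit` switch are assumptions; the paths, the group name and mode 6550 are the ones used on this page.

```shell
#!/bin/sh
# Added example: audits the setup described above. Function names are
# assumptions; paths, group name and mode 6550 are the ones used on this page.

# check_capture_helper FILE OWNER GROUP
# Succeeds only if FILE is owned by OWNER:GROUP with mode exactly 6550
# (setuid + setgid, r-x for owner and group, no access for others).
check_capture_helper() {
    bin=$1; owner=$2; group=$3
    [ -f "$bin" ] || { echo "missing: $bin"; return 1; }
    # find prints the path only when every predicate matches.
    if [ -z "$(find "$bin" -prune -user "$owner" -group "$group" -perm 6550 2>/dev/null)" ]; then
        echo "unexpected owner, group or mode: $(ls -ld "$bin")"
        return 1
    fi
    echo "ok: $bin is $owner:$group mode 6550"
}

# check_launcher LINK TARGET
# Succeeds only if LINK is a symlink whose target is TARGET, i.e. it no
# longer points at the consolehelper wrapper.
check_launcher() {
    link=$1; target=$2
    [ -L "$link" ] || { echo "not a symlink: $link"; return 1; }
    actual=$(readlink "$link")
    [ "$actual" = "$target" ] || { echo "$link -> $actual, expected $target"; return 1; }
    echo "ok: $link -> $target"
}

# Runs both checks against the real system and lists who may capture.
audit_wireshark_setup() {
    rc=0
    dumpcap=$(command -v dumpcap) || { echo "dumpcap not found in PATH"; return 1; }
    check_capture_helper "$dumpcap" root wireshark || rc=1
    check_launcher /usr/bin/wireshark /usr/sbin/wireshark || rc=1
    # Every member listed here can run the setuid-root dumpcap.
    getent group wireshark || { echo "group wireshark does not exist"; rc=1; }
    return "$rc"
}

# Run the audit only when asked, e.g.: sh check.sh --audit
if [ "${1:-}" = "--audit" ]; then
    audit_wireshark_setup
fi
```

Because dumpcap is setuid root after this change, the membership line printed by the audit is the list of accounts that can capture traffic, so it is worth reviewing whenever the group changes.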
