Wireshark Group
Rainer Müller
raimue at macports.org
Sun Jun 18 18:27:47 UTC 2017
On 2017-06-18 18:49, Stephen Rasku wrote:
> I just installed the "wireshark2" port but it isn't working because of
> permissions. On Linux, I would usually add the interfaces to the
> wireshark group and add myself to that group.
>
> However, it seems that I don't have a wireshark group. Should it have
> created one? Do I need to create it manually? Is there a better
> practice to run wireshark as a non-root user (i.e. without sudo)?
In order to capture packets, wireshark needs read/write access to the
/dev/bpf* device files. You can transfer ownership to a group you are in
and grant that group permission.
sudo chgrp staff /dev/bpf*
sudo chmod g+rw /dev/bpf*
FWIW, the upstream wireshark packaging automates this step by creating a
new access_bpf group [1] and installs a launch daemon script [2]. This
way permissions are set up on boot. Something similar could be
contributed to the MacPorts port. At least the required steps should be
documented somewhere, for example in 'port notes'.
Rainer
PS: Please use @lists.macports.org instead of old macOS forge addresses.
[1]
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=blob;f=packaging/macosx/Scripts/chmodbpf-postinstall.sh;h=08631b3fd12439e1ddaa8856b2a3de8b6f73641c;hb=HEAD
[2]
https://code.wireshark.org/review/gitweb?p=wireshark.git;a=tree;f=packaging/macosx/ChmodBPF;h=4c9b830bc770a69c714621406a0aa28aeddd58e3;hb=HEAD
More information about the macports-users
mailing list