Hi No, it's a cmake out-of-tree build. There simply does not seem to be a way to set dumpcap correctly. Fun part is, that even dumpcap is set suid, it still does not bring any output run by my user with "dumpcap -D". Only "sudo dumpcap -D" lists any interfaces. With ldd the only library used is wsutil (which should not be an issue), and there are no residual .lib/lt-* files lying around. But I have also built it now with autotools (just to ensure that it is not a cmake-related issue), and still it does not work:
$ getcap dumpcap .libs/lt-dumpcap dumpcap = cap_net_admin,cap_net_raw+eip .libs/lt-dumpcap = cap_net_admin,cap_net_raw+eip $ ls -l dumpcap .libs/lt-dumpcap -rwxr-xr-x 1 knallr knallr 9120 Okt 13 11:02 dumpcap -rwxr-xr-x 1 knallr knallr 279816 Okt 13 11:03 .libs/lt-dumpcap $ ./dumpcap -D dumpcap: There are no interfaces on which a capture can be done Wireshark is the latest git btw. So I am back at assuming it has something to do with my system. Uname output is: Linux ategge1877 3.13.0-24-generic #47-Ubuntu SMP Fri May 2 23:30:00 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux And it is the libpcap0.8 package directly out of the repository. As I am working with extcap filters atm, it does not bother me that much, but I sure want to know, why it is not working. regards Roland On Mon, Oct 13, 2014 at 10:07 AM, Jeff Morriss <jeff.morriss...@gmail.com> wrote: > What build system are you using? > > If autofoo then remember dumpcap is actually a libtool shell script > and Linux doesn't support setuid (and I'd guess also setcap) shell scripts. > You'd need to put the permissions on .libs/lt-dumpcap or whatever it is. > > > On Monday, October 13, 2014, Roland Knall <rkn...@gmail.com> wrote: > >> Hi >> >> This might be a question for -users, but t seems, that the explanation on >> http://wiki.wireshark.org/CaptureSetup/CapturePrivileges does not seem >> to work anymore in Linux (running Mint 17, based on Ubuntu 14.04 LTS). >> >> I have set the dumpcap utility as defined the wiki-page, not using a >> group, and it does not work anymore, but has worked before. >> >> Does anyone have an idea, what might have changed? The capabilities are >> indeed set. chmod 4750 does not work either. The only thing that seems to >> work is starting Wireshark as root. >> >> It works if I use wireshark from the original packages, but not if I run >> it from the build-directory. >> >> regards, >> Roland >> > > ___________________________________________________________________________ > Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> > Archives: http://www.wireshark.org/lists/wireshark-dev > Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev > mailto:wireshark-dev-requ...@wireshark.org > ?subject=unsubscribe >
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe