osmith
/
wireshark
forked from osmocom/wireshark
1
0
Fork 0
Code Pull Requests Releases Wiki Activity
wireshark/doc/README.packaging

112 lines
3.8 KiB
Plaintext
Raw Blame History

The following guidelines should be followed by anyone distributing a software
package containing Wireshark:
1. URLs.
1.1. Wireshark web site.
The Wireshark web site URL is http://www.wireshark.org/ .
1.2. Wireshark releases.
The canonical location for every Wireshark source release is
http://www.wireshark.org/download/src/all-versions/, e.g.
http://www.wireshark.org/download/src/all-versions/wireshark-0.99.55.tar.bz2
If your packaging system downloads a copy of the Wireshark sources, use
this location. Don't use http://www.wireshark.org/download/src.
1.3. Artwork.
Logo and icon artwork can be found in the "image" directory in the
distribution. This is available online at
http://anonsvn.wireshark.org/wireshark/trunk/image/
2. Licensing.
Wireshark is released under the GNU General Public License version 2 or
newer. Make sure your package complies with this license.
3. Privileges.
In versions up to and including 0.99.6, it was necessary to run
Wireshark with elevated privileges in order to be able to capture
traffic. With version 0.99.7, all function calls that require elevated
privileges have been moved out of the GUI to dumpcap.
WIRESHARK CONTAINS OVER TWO MILLION LINES OF SOURCE CODE. DO NOT RUN
THEM AS ROOT.
Warnings are displayed when Wireshark and TShark are run as root.
There are several configure-time options on non-Windows systems that
affect the privileges a normal user needs to capture traffic and list
interfaces:
--enable-setcap-install Install dumpcap with cap_net_admin and
cap_net_raw capabilities. Linux only.
--enable-setuid-install Install dumpcap setuid root.
--with-libcap If running as root, try to grab
CAP_NET_ADMIN and CAP_NET_RAW, then drop
privileges. Linux only.
--with-dumpcap-group=... Restricts dumpcap execution to the
specified group.
These are necessary for non-root users to be able to capture on most
systems, e.g. on Linux or FreeBSD if the user doesn't have permissions
to access /dev/bpf*. Setcap installation is preferred over setuid on
Linux. If "--enable-setcap-install" is used it will override any setuid
settings.
The "--with-libcap" option is only useful when dumpcap is installed
setuid. If it is enabled dumpcap will try to drop any setuid privileges
it may have while retaining the CAP_NET_ADMIN and CAP_NET_RAW
capabilities. It is enabled by default, if the Linux capabilities
library (on which it depends) is found.
Note that enabling setcap or setuid installation allows packet capture
for ALL users on your system. If this is not desired, you can restrict
dumpcap execution to a specific group or user. The following two examples
show how to restrict access using setcap and setuid respectively:
# groupadd -g packetcapture
# chmod 750 /usr/bin/dumpcap
# chgrp packetcapture /usr/bin/dumpcap
# setcap cap_net_raw,cap_net_admin+ep /usr/bin/dumpcap
# groupadd -g packetcapture
# chgrp packetcapture /usr/bin/dumpcap
# chmod 4750 /usr/bin/dumpcap
4. Customization.
Custom version information can be added by creating a file called
"version.conf" and running "make-version.pl -p". See make-version.pl for
details. If your package contains significant changes we recommend that
you use this to differentiate it from official Wireshark releases.
4.1. Source-level version detection.
The Git version corresponding to each release is in version.h. It's
defined as a string. If you need a numeric definition, let us know.
5. Trademarks.
Wireshark and the "fin" logo are registered trademarks of the Wireshark
Foundation.
6. Spelling.
Wireshark is spelled with a capital "W", and with everything else lower
case. E.g., "WireShark" is incorrect.
If you have a question not addressed here, send it to
wireshark-dev@wireshark.org.
View Git Blame Copy Permalink