osmocom
/
wireshark
11
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

dumpcap: Add a permissions warning about capabilities 

If we have Linux capabilities, and dumpcap gets a permission error,
suggest that the user add the CAP_NET_RAW and CAP_NET_ADMIN capabilities
that dumpcap needs if Wireshark was not installed by a package.
(Distribution packages should set the capabilities.)

Fix #18279
This commit is contained in:
John Thacker 2023-07-15 08:17:17 -04:00 committed by Gerald Combs
parent 76719d21eb
commit 7bfc3f2c13
1 changed files with 16 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
dumpcap.c
View File

@ -625,6 +625,20 @@ relinquish_all_capabilities(void)
/*
* Platform-dependent suggestions for fixing permissions.
*/
#ifdef HAVE_LIBCAP
#define LIBCAP_PERMISSIONS_SUGGESTION \
"\n\n" \
"If you did not install Wireshark from a package, ensure that Dumpcap " \
"has the needed CAP_NET_RAW and CAP_NET_ADMIN capabilities by running " \
"\n\n" \
" sudo setcap cap_net_raw,cap_net_admin=ep {path/to/}dumpcap" \
"\n\n" \
"and then restarting Wireshark."
#else
#define LIBCAP_PERMISSIONS_SUGGESTION
#endif
#if defined(__linux__)
#define PLATFORM_PERMISSIONS_SUGGESTION \
"\n\n" \
@ -641,7 +655,8 @@ relinquish_all_capabilities(void)
"\n\n" \
" sudo usermod -a -G wireshark {your username}" \
"\n\n" \
"and then logging out and logging back in again."
"and then logging out and logging back in again." \
LIBCAP_PERMISSIONS_SUGGESTION
#elif defined(__APPLE__)
#define PLATFORM_PERMISSIONS_SUGGESTION \
"\n\n" \