aboutsummaryrefslogtreecommitdiffstats
path: root/doc/README.packaging
diff options
context:
space:
mode:
authorGerald Combs <gerald@wireshark.org>2010-01-26 20:03:12 +0000
committerGerald Combs <gerald@wireshark.org>2010-01-26 20:03:12 +0000
commit67ea4d61264f8faec0de41c59be06684e60adc3a (patch)
tree7d25936589ec51a8e8897d6c9d460cfec8666bd1 /doc/README.packaging
parentc08fa6f3cf2ded7ff34393739c7b26c953f74ddb (diff)
Add a note about filesystem capabilities.
svn path=/trunk/; revision=31686
Diffstat (limited to 'doc/README.packaging')
-rw-r--r--doc/README.packaging17
1 files changed, 13 insertions, 4 deletions
diff --git a/doc/README.packaging b/doc/README.packaging
index 400b36e..73a6ed2 100644
--- a/doc/README.packaging
+++ b/doc/README.packaging
@@ -37,8 +37,8 @@ Wireshark with elevated privileges in order to be able to capture
traffic. With version 0.99.7, all function calls that require elevated
privileges have been moved out of the GUI to dumpcap.
-WIRESHARK CONTAINS OVER ONE POINT FIVE MILLION LINES OF SOURCE CODE. DO
-NOT RUN THEM AS ROOT.
+WIRESHARK CONTAINS NEARLY TWO MILLION LINES OF SOURCE CODE. DO NOT RUN
+THEM AS ROOT.
There are two configure-time options on non-Windows systems that affect
the privileges a normal user needs to capture traffic and list
@@ -56,8 +56,17 @@ setuid privileges it may have while retaining the CAP_NET_ADMIN and
CAP_NET_RAW capabilities. It is enabled by default, if the Linux
capabilities library (on which it depends) is found.
-Additionally, warnings are now displayed when Wireshark and TShark are
-run as root.
+Warnings are displayed when Wireshark and TShark are run
+as root.
+
+For systems that have libcap and the "setcap" utility you can avoid
+root altogether:
+
+# groupadd -g packetcapture
+# chmod 750 /usr/bin/dumpcap
+# chgrp packetcapture /usr/bin/dumpcap
+# setcap cap_net_raw,cap_net_admin+eip /usr/bin/dumpcap
+# setcap cap_net_raw,cap_net_admin+eip /usr/bin/tshark
4. Customization.