On 2017-06-18 18:49, Stephen Rasku wrote:
> I just installed the "wireshark2" port but it isn't working because of
> permissions. On Linux, I would usually add the interfaces to the
> wireshark group and add myself to that group.
> However, it seems that I don't have a wireshark group. Should it have
> created one? Do I need to create it manually? Is there a better
> practice to run wireshark as a non-root user (i.e. without sudo)?
In order to capture packets, wireshark needs read/write access to the
/dev/bpf* device files. You can transfer ownership to a group you are in
and grant that group permission.
FWIW, the upstream wireshark packaging automates this step by creating a
new access_bpf group and installs a launch daemon script. This
way permissions are set up on boot. Something similar could be
contributed to the MacPorts port. At least the required steps should be
documented somewhere, for example in 'port notes'.
PS: Please use @lists.macports.org instead of old macOS forge addresses.
On Sun, Jun 18, 2017 at 11:27 AM, Rainer Müller <[hidden email]> wrote:
> In order to capture packets, wireshark needs read/write access to the
> /dev/bpf* device files. You can transfer ownership to a group you are in
> and grant that group permission.
> sudo chgrp staff /dev/bpf*
> sudo chmod g+rw /dev/bpf*
Does it need write access? I added a wireshark group and added myself
to it. I changed the group on those devices and added group read
permissions. I did not give it group write permission because I don't
think it needs to write to those devices. It seems to work.
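
The thread's two open points, group read versus read/write and re-applying the permissions at boot, in one script. This is an added example, not part of the thread and not the Wireshark or MacPorts packaging; the function names and the DIR argument are assumptions, and on a real system DIR is /dev and grant_bpf has to run as root.

```shell
#!/bin/sh
# Added example; function names and the DIR argument are assumptions.
# On a real system DIR is /dev and grant_bpf has to run as root.

# Print "<group name> <gid> <octal mode>" using GNU stat, else BSD/macOS stat.
bpf_stat() {
    stat -c '%G %g %a' "$1" 2>/dev/null || stat -f '%Sg %g %Lp' "$1"
}

# grant_bpf GROUP PERMS [DIR]: PERMS is "r" or "rw". Hands every bpf node
# to GROUP with exactly PERMS and removes access for everyone else.
grant_bpf() {
    group=$1 perms=$2 dir=${3:-/dev}
    for dev in "$dir"/bpf*; do
        [ -e "$dev" ] || continue
        chgrp "$group" "$dev" && chmod "g=$perms,o=" "$dev" || return 1
    done
}

# audit_bpf GROUP [DIR]: GROUP may be a name or a numeric gid. Prints one
# line per node and returns non-zero if any node deviates.
audit_bpf() {
    want=$1 dir=${2:-/dev} rc=0
    for dev in "$dir"/bpf*; do
        [ -e "$dev" ] || continue
        set -- $(bpf_stat "$dev")            # $1=name $2=gid $3=mode
        rest=${3%?}
        other=${3#"$rest"}                   # last octal digit: everyone else
        gbits=${rest#"${rest%?}"}            # second-to-last digit: group
        case $gbits in 6|7) acc=rw ;; 4|5) acc=r ;; *) acc=none ;; esac
        state=
        [ "$1" = "$want" ] || [ "$2" = "$want" ] || state="$state wrong-group"
        [ "$acc" != none ] || state="$state no-group-read"
        [ "$other" = 0 ] || state="$state world-accessible"
        echo "$dev group=$1 mode=$3 access=$acc${state:- ok}"
        [ -z "$state" ] || rc=1
    done
    return $rc
}
```

A boot-time job would call `grant_bpf wireshark rw` (or `r`), and `audit_bpf wireshark` shows afterwards whether each node ended up with the intended group and access.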