Wireshark mailing list archives
Re: dumpcap/tshark permissions on created pcap files
From: Jaap Keuter <jaap.keuter () xs4all nl>
Date: Thu, 17 May 2018 10:02:25 +0200
But what you should do is adapt the way you capture. As the opening screen of Wireshark says: “Are you a member of the ‘wireshark' group? Try running ‘usermod -a -G wireshark _your_username_’ as root”. Then logout and login again. From now on you can capture as you (not root), and the capture files will be created under your username. With your users umask (0002) your files should be: 1) Owned by you 2) Accessible to others Good luck.
On 17 May 2018, at 07:48, luke devon via Wireshark-users <wireshark-users () wireshark org> wrote: Hi Guy , Yes, It works. Thank you so much for the help. Br Luke. On Thursday, 17 May 2018, 1:26:43 PM GMT+8, Guy Harris <guy () alum mit edu> wrote: On May 16, 2018, at 7:51 PM, luke devon via Wireshark-users <wireshark-users () wireshark org <mailto:wireshark-users () wireshark org>> wrote:How can I fix this ?Run chmod o+r Test_00003_20180517095317.pcap as root to give "other" read permission on the file.what is the root cause for it ?You ran dumpcap as root (or you ran tshark as root, and *it* ran dumpcap, so dumpcap also ran as root), so the file it creates is owned by root, group root, and root probably has a umask of 0026 or 0027, so, by default, files are created with group write permission, and *all* other permissions, turned off.
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: https://www.wireshark.org/lists/wireshark-users Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- dumpcap/tshark permissions on created pcap files luke devon via Wireshark-users (May 16)
- Re: dumpcap/tshark permissions on created pcap files Guy Harris (May 16)
- Re: dumpcap/tshark permissions on created pcap files luke devon via Wireshark-users (May 16)
- Re: dumpcap/tshark permissions on created pcap files Jaap Keuter (May 17)
- Re: dumpcap/tshark permissions on created pcap files luke devon via Wireshark-users (May 16)
- Re: dumpcap/tshark permissions on created pcap files Guy Harris (May 16)