Thursday, January 23, 2014

Running Wireshark as root on linux workstation

So the rare occasion that I needed Wireshark popped up again. And again, it needs to run as root to have access to the network interfaces to do the live packet capture. Well obviously I'm not running as root on my workstation and I don't really want to have to start Wireshark from the command line every single time. I run Cinnamon for a reason: I want a quick and easy, click-tasitc workstation. Don't get me wrong, I love my CLI, but there is a time and place for it, GUI apps ought to be started from the GUI.

But, uh, back to the lecture at hand.

To start a GUI app from the menu or a panel icon as root is easy, albeit DE (Desktop Environment) specific. Edit your menu or shortcut; in Cinnamon 2 right-click the menu and select configure, click "Open the menu editor" button, select the menu item and click "Properties" button on the right side.

In any GTK DE, like Cinnamon, XFCE, Gnome, Mate and LXDE (not for long they are switching to QT) prepend the command with gksudo. In my case, the command was "wireshark %f", I changed it to "gksudo wireshark %f".

Now when you click the shortcut to start the app, you will be prompted for an password, and assuming you have sudo access, the app will start with root access.
(Wireshark will complain and tell you there is a better way to do this, I've never bothered because it's not often I run Wireshark and I am willing to accept the risk of running it as root instead of all the hassle of the alternative)

BTW, Google tells me that for KDE (or potentially any other QT DE) you want kdesudo in place of gksudo.

No comments:

Post a Comment