 | 1 | initial version |
You've created a situation in which you've installed Wireshark deb packages from the distribution and build and installed Wireshark from source. Even though this is possible one has to be aware of what programs you run when using the various tools.
Depending on the composition of your PATH environment variable in your shell running tshark may either run the deb package installed one, or your own locally build and installed one.
Running sudo dpkg-reconfigure wireshark-common has only effect on the deb package installed Wireshark programs, not the locally build and installed dumpcap.
Setting the capabilities directly on the locally build and installed dumpcap does solve the underlying problem for the locally build and installed tshark.
Copyright Wireshark Foundation, 2017-2023 Content on this site is licensed under a Creative Commons Attribution Share Alike 3.0 license.
