Wireshark dumpcap with setcap set to no-root capture failes to start in Ubuntu 18.10

eiselekd
1 ●1 ●1

I have recompiled the latest version of Wireshark with prefix /my-path/bin/ and want to setup non-root capture of packets. However when I set

setcap cap_net_raw,cap_net_admin=eip /my-path/bin/dumpcap

then somehow dumpcap cannot be started anymore and exits with:

/my-path/bin/dumpcap: error while loading shared libraries: libwsutil.so.0: cannot open shared object file: No such file or directory

/my-path/lib/libwsutil.so.0 is present and if I revert the capabilities with

setcap -r /my-path/bin/dumpcap

I can run dumpcap again. Is there some security feature that I need to take into account? I'm running Ubuntu 18.10.

Be the first one to answer this question!

Please start posting anonymously - your entry will be published after you log in or create a new account.

Be the first one to answer this question!