Capture file cannot be opened when tshark is executed with `sudo`
I am trying to get Wi-Fi sniffer logs and save them to ~/log/ directory using tshark.
However, when I execute tshark as bellow, it cannot open the log file because of the Permission denied.
$ mkdir ~/log
$ sudo chmod 777 ~/log
$ cd ~
$ ls -ld ~
drwxr-x--- 21 user1 user1 4096 Dec 4 19:50 /home/user1
$ sudo tshark -i wlan0 -w ./log/sniffer.pcap
Running as user "root" and group "root". This could be dangerous.
Capturing on 'wlan0_mon'
tshark: The file to which the capture would be saved ("hoge.pcap") could not be opened: Permission denied.
tshark:
I noticed that default home directory permissions were changed to 750 in Ubuntu 22.04, so I change them to 755 as before. Then this error was resolved.
$ sudo chmod 755 ~
$ ls -ld ~
drwxr-xr-x 21 user1 user1 4096 Dec 4 19:50 /home/user1
$ cd ~
$ sudo tshark -i wlan0 -w ./log/sniffer.pcap
# The capture starts as I exepected and the sniffer log is saved in ~/log/sniffer.pcap
Questions:
- Is this behavior as intended ?
- Why does this behavior occur?
Environment:
- OS: Ubuntu 22.04.1
- kernel: 6.2.0-37-generic
- tshark: TShark (Wireshark) 4.0.6 (Git v4.0.6 packaged as 4.0.6-1~exp1~ubuntu22.04.0~ppa1).
Why are you running as root? Doesn't the warning
Running as user "root" and group "root". This could be dangerous.give you pause for thought?