# Wireshark/tshark will not run as user

## BentB

Since the latest update wireshark/tshark will not run as an ordinary user any longer. The user in question is a member of the wireshark group and it used to be enough to enable running wireshark. Not so any longer. All I get is the message:

```
bent@leopold ~ $ tshark

tshark: There are no interfaces on which a capture can be done

bent@leopold ~ $
```

Any suggestions?

Bent

----------

## ewaller

Version 1.0.7 works here. 

 From what I see 1.0.8 is out, and there is a hard Masked 1.2 Release Candidate.

Which version are you trying to use?

----------

## BentB

I'm using version 1.0.8.

For what it is worth, I'm experiencing the same symptoms with version 1.0.4 on a openSUSE 11.1 system. 

Bent

----------

## ewaller

I have now upgraded to 1.0.8

uname -a

```
Linux lappy 2.6.29-gentoo-r4 #1 PREEMPT Sun May 24 21:30:08 PDT 2009 i686 Intel(R) Pentium(R) M processor 1.60GHz GenuineIntel GNU/Linux

```

ls -l /usr/bin/wireshark

```
-rwxr-xr-- 1 root wireshark 1368480 Jun  4 01:52 /usr/bin/wireshark

```

grep wireshark /etc/group

```

wireshark:x:1006:ewaller
```

Works here.  Sorry.

----------

## BentB

I have been away for a couple of days, hence the delayed answer.

I have changed the group ownership of the executable so I now have the same setup as you:

```
l /usr/bin/tshark

-rwxr-xr-x 1 root wireshark 162140 May 26 13:21 /usr/bin/tshark

bent@leopold ~ $ cat /etc/group | grep wire

wireshark:x:1005:bent

bent@leopold ~ $ uname -a

Linux leopold 2.6.28-gentoo-r5 #1 Wed May 6 18:26:10 CEST 2009 i586 Geode(TM) Integrated Processor by AMD PCS AuthenticAMD GNU/Linux

bent@leopold ~ $
```

but still no success:

```
tshark

tshark: There are no interfaces on which a capture can be done
```

There must be other differences, but whick???

----------

## meal

Are you sure, that normal user can set network card in promiscuous mode ? AFAIR it's not possible. I'm using wireshark with gksu  :Wink: 

----------

## BentB

 *Quote:*   

> Are you sure, that normal user can set network card in promiscuous mode ? AFAIR it's not possible. 

 

A normal user cannot put a NIC into promiscuous mode. The last many times I have updated wireshark I get messages similar to this:

 *Quote:*   

> >>> Messages generated by process 19091 on 2009-05-26 13:22:36 CEST for package net-analyzer/wireshark-1.0.8:
> 
> WARN: setup
> 
> USE=-gtk will mean no gui called wireshark will be created and
> ...

 

So I guess that wireshark/tshark puts the NIC in promiscuous mode and then drops the user level down to 'wireshark' But this is exactly what does NOT happen anymore. I'm asking if anybody knows why the behavior of wireshark/tshark has changed with the last update, because up until the last update it worked as announced. Is the maintainer of the wireshark ebuild reading this forum?

Bent

----------

