This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Wireshark and Linux

0

I am trying to open Wireshark in the command prompt using sudo -i Wireshark, but it keeps telling me command not found. When I type in just Wireshark, the program will open. Any idea why I cannot open Wireshark via sudo command?

asked 25 Sep '13, 13:38

Renee's gravatar image

Renee
1111
accept rate: 0%

edited 25 Sep '13, 14:04

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237


One Answer:

2

sudo -i Wireshark

You write Wireshark with an uppercase W, while the binary is called wireshark. If that was just a typo in your question, what is the output of the following commands?

which wireshark
sudo wireshark
sudo which wireshark

I suspect the binary wireshark is not in the search path of the root user.

BTW: You should not run Wireshark as root. See here: http://wiki.wireshark.org/CaptureSetup/CapturePrivileges

If you don't see any interfaces as non-root, please run the following command (on Linux):

sudo setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap

Please adjust the path, if dumpcap is not installed to /usr/bin.

Regards
Kurt

answered 25 Sep '13, 14:01

Kurt%20Knochner's gravatar image

Kurt Knochner ♦
24.8k1039237
accept rate: 15%

edited 25 Sep '13, 15:14