This is our old Q&A Site. Please post any new questions and answers at



I have set the dumpcap with below so that all users in the group "testgroup" can run the wireshark and capture (without sudoers)

chgrp testgroup /usr/sbin/dumpcap
chmod 4750 /usr/sbin/dumpcap

Meaning that when I run the dumpcap command manually

as root:

[[email protected] etc]# env |grep TMPDIR
[[email protected] etc]# /usr/sbin/dumpcap
File: /data/etherXXXXGhhoEl
Packets: 25 Packets dropped: 0

as normal user:

[[email protected] ~]$ env |grep TMPDIR
[[email protected] ~]$ /usr/sbin/dumpcap
File: /tmp/etherXXXXrWpaJ8
Packets: 12 Pac

But still it writes the temp data to /tmp...

Everyone is able to write to /data:

[[email protected] ~]$ ls -ld /data
drwxrwxrwt 4 root root 4096 Feb 19 18:28 /data
[[email protected] ~]$

It seems that inside the dumpcap there is TMPDIR parameter which seems to overwrite:

How to overcome this problem ?

[[email protected] ~]$ strings /usr/sbin/dumpcap |grep -i tmp

All help appreciated.

asked 29 Feb '12, 03:37

keke's gravatar image

accept rate: 0%

edited 29 Feb '12, 03:40

Another question asked the same thing. Admittedly it wasn't answered until just now though.

[Update] Don't forget to drop by and Accept this answer if it answered your question.

permanent link

answered 29 Feb '12, 07:45

JeffMorriss's gravatar image

JeffMorriss ♦
accept rate: 27%

edited 09 Mar '12, 06:59

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here



Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text]( "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:


question asked: 29 Feb '12, 03:37

question was seen: 2,556 times

last updated: 09 Mar '12, 06:59

p​o​w​e​r​e​d by O​S​Q​A