This is a static archive of our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

TMPDIR ignored by Wireshark when running as unpriviledged user

Hi,

wireshark-1.0.15-1.el5_5.3
RHEL5.6

I have set the dumpcap with below so that all users in the group "testgroup" can run the wireshark and capture (without sudoers)

chgrp testgroup /usr/sbin/dumpcap
chmod 4750 /usr/sbin/dumpcap

Meaning that when I run the dumpcap command manually

as root:

[[email protected] etc]# env |grep TMPDIR
TMPDIR=/data
[[email protected] etc]# /usr/sbin/dumpcap
File: /data/etherXXXXGhhoEl
Packets: 25 Packets dropped: 0

as normal user:

[[email protected] ~]$ env |grep TMPDIR
TMPDIR=/data
[[email protected] ~]$ /usr/sbin/dumpcap
File: /tmp/etherXXXXrWpaJ8
Packets: 12 Pac

But still it writes the temp data to /tmp...

Everyone is able to write to /data:

[[email protected] ~]$ ls -ld /data
drwxrwxrwt 4 root root 4096 Feb 19 18:28 /data
[[email protected] ~]$

It seems that inside the dumpcap there is TMPDIR parameter which seems to overwrite:

How to overcome this problem ?

[[email protected] ~]$ strings /usr/sbin/dumpcap |grep -i tmp
TMPDIR /tmp

All help appreciated.

tmp unpriviledged tmpdir temp dumpcap

asked 29 Feb '12, 03:37

keke
1●1●1●2
accept rate: 0%

edited 29 Feb '12, 03:40

One Answer:

0	Another question asked the same thing. Admittedly it wasn't answered until just now though. [Update] Don't forget to drop by and Accept this answer if it answered your question. answered 29 Feb '12, 07:45 JeffMorriss ♦ 6.2k●5●72 accept rate: 27% edited 09 Mar '12, 06:59