I have never been able to get Wireshark to run properly on any of my Raspberry Pi’s. Today I didn’t have a choice, I had to solve the problem.
The problem is Wireshark will not run from the menu on a linux menu because it needs to be run as root. I am always logged in on my normal non-root user.
On other linux systems, I have no problem getting around this problem. I simply type:
at a terminal prompt and it runs fine for me. But that doesn’t work for my RPIs. All of my RPI’s are headless servers – no keyboard and display. I must VNC into them.
When I try to run wireshark this way on a RPI, I get the error
sudo wireshark (wireshark:4431): Gtk-WARNING **: cannot open display: :0.0
I presume this has something to do with VNC and the way it works on Linux. Whatever the issue, I need a work around.
I found the solution at The Geeky Space. You need to allow your user the ability to run the dumpcap program by using these commands:
sudo chgrp <yourUserId> /usr/bin/dumpcap sudo chmod 750 /usr/bin/dumpcap sudo setcap cap_net_raw,cap_net_admin+eip /usr/bin/dumpcap
It worked like a charm. Thanks Geeky Space!
Apr 2014 Update:
I just tried this on a Linux Mint installation, and it worked there as well. Now I don’t need sudo to run wireshark.