Cannot capture packet in uaual user, while cannot save file in privilege mode
tshark -i 1 -a duration:10 -w x.pcap
tshark: Lua: Error during loading:
[string "/usr/share/wireshark/init.lua"]:46: dofile has been disabled due to running Wireshark as superuser. See http://wiki.wireshark.org/CaptureSetup/CapturePrivileges for help in running Wireshark as an unprivileged user.
Running as user "root" and group "root". This could be dangerous.
Capturing on 'wlan0'
tshark: The file to which the capture would be saved ("x.pcap") could not be opened: Permission denied.
groupadd wiresharkAlways remember to reboot or logout to have the change take effect!!!
useradd -G wireshark
usermod -a -G wireshark
setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap