Ubuntu – Setting up wireshark for non root user


I am setting up wireshark to run as non root user, a la here, that is:

sudo apt-get install wireshark
sudo dpkg-reconfigure wireshark-common 
sudo usermod -a -G wireshark $USER
(restart)

This is all great. But when I try to start wireshark as the wireshark user, using:

sudo -s -u $USER wireshark

I get the following error:

no protocol specified
gtk-warning ** cannot open display

The "no protocol specified" part seems pretty straightforward. And the gtk-warning cannot open display seems to relate exactly to this issue.

"You have two ways to get this working: grant it or have root take it.
You (greg) can grant it by means of 'xhost local:root'. Or root can take it, because it can access your files:
'export AUTHORITY=/home/greg/.Xauthority'."

This doesn't make sense to me. What was the point in granting access to the other user if they can't open the program anyway? This separation is done for security reasons, so isn't making the above modification reverting the earlier comment?

"This has to do with access control to your X server. You don't want just anybody opening windows on your screen, do you. So if you started the X server under your own account (greg) then any other user (like root) doesn't have access to it."

TL;DR: Is this standard practice and the way this should be done, to achieve separation between root and other user account? It seems like a "hack" to me.

Best Answer

$USER here is to be seen as a shell variable. The third command above adds your user to the wireshark group and should be replaced by sudo adduser <yourUser> wireshark.
Now you should be able to invoke wireshark as yourself (no need to sudo anymore).
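
One way to confirm the setup from the answer took effect, as an added example that is not part of the original post. It assumes the Debian/Ubuntu packaging defaults (a group named wireshark and the capture helper at /usr/bin/dumpcap); the function names are hypothetical.

```sh
#!/bin/sh
# Added example: check the non-root capture setup without sudo.
# Assumptions: group "wireshark" and /usr/bin/dumpcap (Debian/Ubuntu packaging).

# has_word WORD "space separated list": succeeds if WORD is in the list
has_word() {
    for w in $2; do
        [ "$w" = "$1" ] && return 0
    done
    return 1
}

# group_state USER "groups of this session" "members in group database (a,b,c)"
# prints: active | relogin-needed | not-member
group_state() {
    if has_word wireshark "$2"; then
        echo active
    elif has_word "$1" "$(printf '%s' "$3" | tr ',' ' ')"; then
        echo relogin-needed      # usermod/adduser ran, session predates it
    else
        echo not-member
    fi
}

# dumpcap_state GROUP OCTAL_MODE "getcap output"
# prints: ok | wrong-group | world-executable | no-capabilities
dumpcap_state() {
    [ "$1" = wireshark ] || { echo wrong-group; return; }
    case "$2" in
        *[1357]) echo world-executable; return ;;  # group restriction bypassed
    esac
    case "$3" in
        *cap_net_raw*) echo ok ;;
        *) echo no-capabilities ;;
    esac
}

# live_check [PATH]: feed the functions from the running system
live_check() {
    bin=${1:-/usr/bin/dumpcap}
    members=$(getent group wireshark | cut -d: -f4)
    echo "group:   $(group_state "$(id -un)" "$(id -nG)" "$members")"
    echo "dumpcap: $(dumpcap_state "$(stat -c %G "$bin")" \
        "$(stat -c %a "$bin")" "$(getcap "$bin" 2>/dev/null)")"
}

if [ "${1:-}" = "--live" ]; then
    live_check "${2:-}"
fi
```

Run it with --live as your normal user; a result of relogin-needed means the group was added but the current login session started before the change.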
