etherape wireshark ping and other tools that need sudo

When applications fail on linux because they need superuser access, they often don't. But a superuser account would provide these applications with all the access they need. It's a bit like chmod 777... a dangerous fix for a user's problem. Let me explain how to provide ping, wireshark and etherape (that's what triggered this post) access to the network interfaces without using sudo, setuid, chmod or whatever.

The solution? Use the file capabilities system. Install the libcap-ng-utils (or something equivalent, you need the "filecap" tool). After that, just issue the command: sudo filecap <executable> <access rights>. For me, the command to give etherape access to the network interfaces was: sudo filecap /usr/bin/etherape net_admin net_raw

This article is my 9th oldest. It is 112 words long