Kali Linux Can't Log in as non-root user and wireshark complaining about root












1














When I opened wireshark (fresh install of live usb kali with persistence) for the first time it complained about me being root. This is what I found in googling it:




Yes it's recommended and advisable not to run such tools in super user or high permission account. Giving root to such tools can go sideways should the tool malfunction. You can create a non-super user account or non root account and that should fix the error dialog. Also, the tool should still work when that error dialog shows up, It just warns you of the privileges you are assigning to the tool.




https://null-byte.wonderhowto.com/forum/problems-with-wireshark-as-root-user-kali-0169494/



But when I create a user and try to log out as root, I get stuck in an autologin loop as root. I also saw elsewhere that most of the tools in Kali require root permissions (I figured I'd just sudo everything. I started in ubuntu years ago and have become so used to sudo I prefer it to root account).



But my question is: which is the proper way of doing things in Kali? Creating a sub-account and disabling the log in (thus, my sub question is how?) or disabling the warnings in wireshark. What can go wrong with wireshark if you run it in root ?



And finally: is this some kind of hazing ritual with Kali? (Bill Labanovic jokes in his book on python that installing pip is a kind of hazing ritual for new programmers in python. I thought maybe this is like that).



UPDATE: Even when I find a way to log in as non-root (by waiting for the screen to lock and selecting a different user) I can't run wireshark because I don't have the permissions! And I can't seem to figure out a way to run wireshark with permissions without resorting to cli!



Update2: I am not new to linux. By a "fresh install of live usb with persistence" I mean I just set up a live usb stick with kali linux and configured persistence following tutorials like this.



The error message in wireshark is this one. Most of the tutorials I found online are about disabling the warning.



I have set up a sudoer account but every time I boot Kali or attempt to log out of Kali, I go through the boot process and the last item is always something along the lines of 'Started up User Manager for UID 0.', as in root. How do I disable this?



Update3: I'm going to clarify my question: what is the normal, correct way of doing this in Kali. According to the meta question on Kali questions, Kali doesn't even have proper apt support. So I'm afraid to go following the directions Draconis posted, because it requires installing special libraries. I'm not trying to run Kali as a production environment or a normal desktop (I have it on a flash drive), I'm just trying to use some tools in it to pentest my server (I am totally new to pentesting, and even though pentesterlab says not to bother using Kali, but just use the distro you're already comfortable in, I didn't want to go installing wireshark and a bunch of other tools in my desktop distro--I figured I'd start learning the basics of pentesting in Kali with pre-rolled tools. Perhaps this was a mistake). I did figure out how to log out as root: it requires using the lock screen button. Sounds amateur not to know that, but I'm not used to gnome and I spend more time in cli than not. I run an ubuntu server and mostly use my bunsenlabs box to mess around with mysql databases and write python scripts with vim. And it seems funny to me that I can't log out as root without getting stuck in an autologin loop.



I am not new to linux. But I have been using, for the past 10 years off and on, somewhat easier distros (ubuntu, crunchbang, and now bunsenlabs. Have even dipped my toes into slackware and fedora). But for a tool that I figured was meant to be started up on a flash drive, there's an awful lot of configuration that has to happen before I can even get started using wireshark. This doesn't make sense to me. There is no way that a pentester goes and sets up special accounts to run wireshark every time he boots his flash drive (given most people, I would imagine, wouldn't even bother setting up persistence).



So my question is: is it thoroughly normal to run wireshark as root in Kali Linux when running it from a flash drive? If it is not, what is the typical way of doing things in Kali?










share|improve this question




















  • 2




    Why the downvotes on this one? Yes, it's Kali. But the OP seems to be asking a perfectly reasonable question. And they say they've been using Ubuntu since "years ago" so they're clearly not a beginner.
    – roaima
    May 17 '18 at 20:47
















1














When I opened wireshark (fresh install of live usb kali with persistence) for the first time it complained about me being root. This is what I found in googling it:




Yes it's recommended and advisable not to run such tools in super user or high permission account. Giving root to such tools can go sideways should the tool malfunction. You can create a non-super user account or non root account and that should fix the error dialog. Also, the tool should still work when that error dialog shows up, It just warns you of the privileges you are assigning to the tool.




https://null-byte.wonderhowto.com/forum/problems-with-wireshark-as-root-user-kali-0169494/



But when I create a user and try to log out as root, I get stuck in an autologin loop as root. I also saw elsewhere that most of the tools in Kali require root permissions (I figured I'd just sudo everything. I started in ubuntu years ago and have become so used to sudo I prefer it to root account).



But my question is: which is the proper way of doing things in Kali? Creating a sub-account and disabling the log in (thus, my sub question is how?) or disabling the warnings in wireshark. What can go wrong with wireshark if you run it in root ?



And finally: is this some kind of hazing ritual with Kali? (Bill Labanovic jokes in his book on python that installing pip is a kind of hazing ritual for new programmers in python. I thought maybe this is like that).



UPDATE: Even when I find a way to log in as non-root (by waiting for the screen to lock and selecting a different user) I can't run wireshark because I don't have the permissions! And I can't seem to figure out a way to run wireshark with permissions without resorting to cli!



Update2: I am not new to linux. By a "fresh install of live usb with persistence" I mean I just set up a live usb stick with kali linux and configured persistence following tutorials like this.



The error message in wireshark is this one. Most of the tutorials I found online are about disabling the warning.



I have set up a sudoer account but every time I boot Kali or attempt to log out of Kali, I go through the boot process and the last item is always something along the lines of 'Started up User Manager for UID 0.', as in root. How do I disable this?



Update3: I'm going to clarify my question: what is the normal, correct way of doing this in Kali. According to the meta question on Kali questions, Kali doesn't even have proper apt support. So I'm afraid to go following the directions Draconis posted, because it requires installing special libraries. I'm not trying to run Kali as a production environment or a normal desktop (I have it on a flash drive), I'm just trying to use some tools in it to pentest my server (I am totally new to pentesting, and even though pentesterlab says not to bother using Kali, but just use the distro you're already comfortable in, I didn't want to go installing wireshark and a bunch of other tools in my desktop distro--I figured I'd start learning the basics of pentesting in Kali with pre-rolled tools. Perhaps this was a mistake). I did figure out how to log out as root: it requires using the lock screen button. Sounds amateur not to know that, but I'm not used to gnome and I spend more time in cli than not. I run an ubuntu server and mostly use my bunsenlabs box to mess around with mysql databases and write python scripts with vim. And it seems funny to me that I can't log out as root without getting stuck in an autologin loop.



I am not new to linux. But I have been using, for the past 10 years off and on, somewhat easier distros (ubuntu, crunchbang, and now bunsenlabs. Have even dipped my toes into slackware and fedora). But for a tool that I figured was meant to be started up on a flash drive, there's an awful lot of configuration that has to happen before I can even get started using wireshark. This doesn't make sense to me. There is no way that a pentester goes and sets up special accounts to run wireshark every time he boots his flash drive (given most people, I would imagine, wouldn't even bother setting up persistence).



So my question is: is it thoroughly normal to run wireshark as root in Kali Linux when running it from a flash drive? If it is not, what is the typical way of doing things in Kali?










share|improve this question




















  • 2




    Why the downvotes on this one? Yes, it's Kali. But the OP seems to be asking a perfectly reasonable question. And they say they've been using Ubuntu since "years ago" so they're clearly not a beginner.
    – roaima
    May 17 '18 at 20:47














1












1








1







When I opened wireshark (fresh install of live usb kali with persistence) for the first time it complained about me being root. This is what I found in googling it:




Yes it's recommended and advisable not to run such tools in super user or high permission account. Giving root to such tools can go sideways should the tool malfunction. You can create a non-super user account or non root account and that should fix the error dialog. Also, the tool should still work when that error dialog shows up, It just warns you of the privileges you are assigning to the tool.




https://null-byte.wonderhowto.com/forum/problems-with-wireshark-as-root-user-kali-0169494/



But when I create a user and try to log out as root, I get stuck in an autologin loop as root. I also saw elsewhere that most of the tools in Kali require root permissions (I figured I'd just sudo everything. I started in ubuntu years ago and have become so used to sudo I prefer it to root account).



But my question is: which is the proper way of doing things in Kali? Creating a sub-account and disabling the log in (thus, my sub question is how?) or disabling the warnings in wireshark. What can go wrong with wireshark if you run it in root ?



And finally: is this some kind of hazing ritual with Kali? (Bill Labanovic jokes in his book on python that installing pip is a kind of hazing ritual for new programmers in python. I thought maybe this is like that).



UPDATE: Even when I find a way to log in as non-root (by waiting for the screen to lock and selecting a different user) I can't run wireshark because I don't have the permissions! And I can't seem to figure out a way to run wireshark with permissions without resorting to cli!



Update2: I am not new to linux. By a "fresh install of live usb with persistence" I mean I just set up a live usb stick with kali linux and configured persistence following tutorials like this.



The error message in wireshark is this one. Most of the tutorials I found online are about disabling the warning.



I have set up a sudoer account but every time I boot Kali or attempt to log out of Kali, I go through the boot process and the last item is always something along the lines of 'Started up User Manager for UID 0.', as in root. How do I disable this?



Update3: I'm going to clarify my question: what is the normal, correct way of doing this in Kali. According to the meta question on Kali questions, Kali doesn't even have proper apt support. So I'm afraid to go following the directions Draconis posted, because it requires installing special libraries. I'm not trying to run Kali as a production environment or a normal desktop (I have it on a flash drive), I'm just trying to use some tools in it to pentest my server (I am totally new to pentesting, and even though pentesterlab says not to bother using Kali, but just use the distro you're already comfortable in, I didn't want to go installing wireshark and a bunch of other tools in my desktop distro--I figured I'd start learning the basics of pentesting in Kali with pre-rolled tools. Perhaps this was a mistake). I did figure out how to log out as root: it requires using the lock screen button. Sounds amateur not to know that, but I'm not used to gnome and I spend more time in cli than not. I run an ubuntu server and mostly use my bunsenlabs box to mess around with mysql databases and write python scripts with vim. And it seems funny to me that I can't log out as root without getting stuck in an autologin loop.



I am not new to linux. But I have been using, for the past 10 years off and on, somewhat easier distros (ubuntu, crunchbang, and now bunsenlabs. Have even dipped my toes into slackware and fedora). But for a tool that I figured was meant to be started up on a flash drive, there's an awful lot of configuration that has to happen before I can even get started using wireshark. This doesn't make sense to me. There is no way that a pentester goes and sets up special accounts to run wireshark every time he boots his flash drive (given most people, I would imagine, wouldn't even bother setting up persistence).



So my question is: is it thoroughly normal to run wireshark as root in Kali Linux when running it from a flash drive? If it is not, what is the typical way of doing things in Kali?










share|improve this question















When I opened wireshark (fresh install of live usb kali with persistence) for the first time it complained about me being root. This is what I found in googling it:




Yes it's recommended and advisable not to run such tools in super user or high permission account. Giving root to such tools can go sideways should the tool malfunction. You can create a non-super user account or non root account and that should fix the error dialog. Also, the tool should still work when that error dialog shows up, It just warns you of the privileges you are assigning to the tool.




https://null-byte.wonderhowto.com/forum/problems-with-wireshark-as-root-user-kali-0169494/



But when I create a user and try to log out as root, I get stuck in an autologin loop as root. I also saw elsewhere that most of the tools in Kali require root permissions (I figured I'd just sudo everything. I started in ubuntu years ago and have become so used to sudo I prefer it to root account).



But my question is: which is the proper way of doing things in Kali? Creating a sub-account and disabling the log in (thus, my sub question is how?) or disabling the warnings in wireshark. What can go wrong with wireshark if you run it in root ?



And finally: is this some kind of hazing ritual with Kali? (Bill Labanovic jokes in his book on python that installing pip is a kind of hazing ritual for new programmers in python. I thought maybe this is like that).



UPDATE: Even when I find a way to log in as non-root (by waiting for the screen to lock and selecting a different user) I can't run wireshark because I don't have the permissions! And I can't seem to figure out a way to run wireshark with permissions without resorting to cli!



Update2: I am not new to linux. By a "fresh install of live usb with persistence" I mean I just set up a live usb stick with kali linux and configured persistence following tutorials like this.



The error message in wireshark is this one. Most of the tutorials I found online are about disabling the warning.



I have set up a sudoer account but every time I boot Kali or attempt to log out of Kali, I go through the boot process and the last item is always something along the lines of 'Started up User Manager for UID 0.', as in root. How do I disable this?



Update3: I'm going to clarify my question: what is the normal, correct way of doing this in Kali. According to the meta question on Kali questions, Kali doesn't even have proper apt support. So I'm afraid to go following the directions Draconis posted, because it requires installing special libraries. I'm not trying to run Kali as a production environment or a normal desktop (I have it on a flash drive), I'm just trying to use some tools in it to pentest my server (I am totally new to pentesting, and even though pentesterlab says not to bother using Kali, but just use the distro you're already comfortable in, I didn't want to go installing wireshark and a bunch of other tools in my desktop distro--I figured I'd start learning the basics of pentesting in Kali with pre-rolled tools. Perhaps this was a mistake). I did figure out how to log out as root: it requires using the lock screen button. Sounds amateur not to know that, but I'm not used to gnome and I spend more time in cli than not. I run an ubuntu server and mostly use my bunsenlabs box to mess around with mysql databases and write python scripts with vim. And it seems funny to me that I can't log out as root without getting stuck in an autologin loop.



I am not new to linux. But I have been using, for the past 10 years off and on, somewhat easier distros (ubuntu, crunchbang, and now bunsenlabs. Have even dipped my toes into slackware and fedora). But for a tool that I figured was meant to be started up on a flash drive, there's an awful lot of configuration that has to happen before I can even get started using wireshark. This doesn't make sense to me. There is no way that a pentester goes and sets up special accounts to run wireshark every time he boots his flash drive (given most people, I would imagine, wouldn't even bother setting up persistence).



So my question is: is it thoroughly normal to run wireshark as root in Kali Linux when running it from a flash drive? If it is not, what is the typical way of doing things in Kali?







kali-linux root wireshark autologin






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited yesterday









hornetbzz

1034




1034










asked May 17 '18 at 19:40









malan

614421




614421








  • 2




    Why the downvotes on this one? Yes, it's Kali. But the OP seems to be asking a perfectly reasonable question. And they say they've been using Ubuntu since "years ago" so they're clearly not a beginner.
    – roaima
    May 17 '18 at 20:47














  • 2




    Why the downvotes on this one? Yes, it's Kali. But the OP seems to be asking a perfectly reasonable question. And they say they've been using Ubuntu since "years ago" so they're clearly not a beginner.
    – roaima
    May 17 '18 at 20:47








2




2




Why the downvotes on this one? Yes, it's Kali. But the OP seems to be asking a perfectly reasonable question. And they say they've been using Ubuntu since "years ago" so they're clearly not a beginner.
– roaima
May 17 '18 at 20:47




Why the downvotes on this one? Yes, it's Kali. But the OP seems to be asking a perfectly reasonable question. And they say they've been using Ubuntu since "years ago" so they're clearly not a beginner.
– roaima
May 17 '18 at 20:47










2 Answers
2






active

oldest

votes


















6














There are a few different important points here. But the first one is, Kali is not a good first Linux distribution to start off with. If you're not familiar with account permissions, and especially if you don't want to use the command line, then Kali isn't right for you. I'd recommend Ubuntu instead. Anything you can do in Kali, you can also do in Ubuntu (once you install the right packages and tools), and it actually has a learning curve as opposed to Kali's "learning sheer vertical cliff".



(OP, you say you've been using Ubuntu for years, so this warning isn't intended for you. But it's worth saying anyway for other people who find this question.)



Second of all, Kali is designed to run pretty much everything as root. Which isn't a very good security practice! Some versions of Wireshark come with a warning:




WIRESHARK CONTAINS OVER ONE POINT FIVE MILLION LINES OF SOURCE CODE. DO NOT RUN THEM AS ROOT.




But if you're using Kali, it's assumed that:




  • You know what you're doing, and you know why running as root in general is a bad idea, and so you're going to make sure that

  • Even root isn't going to have the power to do anything really bad (because e.g. you're definitely not running this on the production server full of sensitive information)


As far as what could go wrong, Wireshark has quite a lot of different "dissectors" to analyze incoming traffic. Because there are so many, and they're so complicated, it's hard to be sure none of them will glitch out when given specially-crafted packets. At best, this could make Wireshark crash. At worst, it could allow arbitrary code execution. And arbitrary code execution as root is very bad.



The recommended way of using Wireshark, without letting it run as root, involves giving its dumpcap executable two extra capabilities: CAP_NET_ADMIN (allowing it to control network interfaces) and CAP_NET_RAW (allowing it to access raw packets). Full details on this are outside the scope of this question, but this article explains how to do that.



Unfortunately, manipulating capabilities does require using the command line. If you're not comfortable with that, then Kali probably isn't right for you: it's built for command line use first and foremost.






share|improve this answer





























    0














    I won't repeat same things again about "root" or "non-root" users. For your reference, I destroyed once a linux machine, because of my mistake on a bad piping of find + rm, while running everything as root : it can definitely happen to anyone.



    For running Wireshark as root in Kali 2.0, you need to open your favorite text editor (vi, vim, nano, gedit, leafpad, geany, sublime text or whatever you prefer) and edit /usr/share/wireshark/init.lua by changing the line :



    dofile(DATA_DIR.."console.lua")


    to



    --dofile(DATA_DIR.."console.lua")


    Save and close: job done. You can now run wireshark-gtk as root.






    share|improve this answer





















      Your Answer








      StackExchange.ready(function() {
      var channelOptions = {
      tags: "".split(" "),
      id: "106"
      };
      initTagRenderer("".split(" "), "".split(" "), channelOptions);

      StackExchange.using("externalEditor", function() {
      // Have to fire editor after snippets, if snippets enabled
      if (StackExchange.settings.snippets.snippetsEnabled) {
      StackExchange.using("snippets", function() {
      createEditor();
      });
      }
      else {
      createEditor();
      }
      });

      function createEditor() {
      StackExchange.prepareEditor({
      heartbeatType: 'answer',
      autoActivateHeartbeat: false,
      convertImagesToLinks: false,
      noModals: true,
      showLowRepImageUploadWarning: true,
      reputationToPostImages: null,
      bindNavPrevention: true,
      postfix: "",
      imageUploader: {
      brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
      contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
      allowUrls: true
      },
      onDemand: true,
      discardSelector: ".discard-answer"
      ,immediatelyShowMarkdownHelp:true
      });


      }
      });














      draft saved

      draft discarded


















      StackExchange.ready(
      function () {
      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f444466%2fkali-linux-cant-log-in-as-non-root-user-and-wireshark-complaining-about-root%23new-answer', 'question_page');
      }
      );

      Post as a guest















      Required, but never shown

























      2 Answers
      2






      active

      oldest

      votes








      2 Answers
      2






      active

      oldest

      votes









      active

      oldest

      votes






      active

      oldest

      votes









      6














      There are a few different important points here. But the first one is, Kali is not a good first Linux distribution to start off with. If you're not familiar with account permissions, and especially if you don't want to use the command line, then Kali isn't right for you. I'd recommend Ubuntu instead. Anything you can do in Kali, you can also do in Ubuntu (once you install the right packages and tools), and it actually has a learning curve as opposed to Kali's "learning sheer vertical cliff".



      (OP, you say you've been using Ubuntu for years, so this warning isn't intended for you. But it's worth saying anyway for other people who find this question.)



      Second of all, Kali is designed to run pretty much everything as root. Which isn't a very good security practice! Some versions of Wireshark come with a warning:




      WIRESHARK CONTAINS OVER ONE POINT FIVE MILLION LINES OF SOURCE CODE. DO NOT RUN THEM AS ROOT.




      But if you're using Kali, it's assumed that:




      • You know what you're doing, and you know why running as root in general is a bad idea, and so you're going to make sure that

      • Even root isn't going to have the power to do anything really bad (because e.g. you're definitely not running this on the production server full of sensitive information)


      As far as what could go wrong, Wireshark has quite a lot of different "dissectors" to analyze incoming traffic. Because there are so many, and they're so complicated, it's hard to be sure none of them will glitch out when given specially-crafted packets. At best, this could make Wireshark crash. At worst, it could allow arbitrary code execution. And arbitrary code execution as root is very bad.



      The recommended way of using Wireshark, without letting it run as root, involves giving its dumpcap executable two extra capabilities: CAP_NET_ADMIN (allowing it to control network interfaces) and CAP_NET_RAW (allowing it to access raw packets). Full details on this are outside the scope of this question, but this article explains how to do that.



      Unfortunately, manipulating capabilities does require using the command line. If you're not comfortable with that, then Kali probably isn't right for you: it's built for command line use first and foremost.






      share|improve this answer


























        6














        There are a few different important points here. But the first one is, Kali is not a good first Linux distribution to start off with. If you're not familiar with account permissions, and especially if you don't want to use the command line, then Kali isn't right for you. I'd recommend Ubuntu instead. Anything you can do in Kali, you can also do in Ubuntu (once you install the right packages and tools), and it actually has a learning curve as opposed to Kali's "learning sheer vertical cliff".



        (OP, you say you've been using Ubuntu for years, so this warning isn't intended for you. But it's worth saying anyway for other people who find this question.)



        Second of all, Kali is designed to run pretty much everything as root. Which isn't a very good security practice! Some versions of Wireshark come with a warning:




        WIRESHARK CONTAINS OVER ONE POINT FIVE MILLION LINES OF SOURCE CODE. DO NOT RUN THEM AS ROOT.




        But if you're using Kali, it's assumed that:




        • You know what you're doing, and you know why running as root in general is a bad idea, and so you're going to make sure that

        • Even root isn't going to have the power to do anything really bad (because e.g. you're definitely not running this on the production server full of sensitive information)


        As far as what could go wrong, Wireshark has quite a lot of different "dissectors" to analyze incoming traffic. Because there are so many, and they're so complicated, it's hard to be sure none of them will glitch out when given specially-crafted packets. At best, this could make Wireshark crash. At worst, it could allow arbitrary code execution. And arbitrary code execution as root is very bad.



        The recommended way of using Wireshark, without letting it run as root, involves giving its dumpcap executable two extra capabilities: CAP_NET_ADMIN (allowing it to control network interfaces) and CAP_NET_RAW (allowing it to access raw packets). Full details on this are outside the scope of this question, but this article explains how to do that.



        Unfortunately, manipulating capabilities does require using the command line. If you're not comfortable with that, then Kali probably isn't right for you: it's built for command line use first and foremost.






        share|improve this answer
























          6












          6








          6






          There are a few different important points here. But the first one is, Kali is not a good first Linux distribution to start off with. If you're not familiar with account permissions, and especially if you don't want to use the command line, then Kali isn't right for you. I'd recommend Ubuntu instead. Anything you can do in Kali, you can also do in Ubuntu (once you install the right packages and tools), and it actually has a learning curve as opposed to Kali's "learning sheer vertical cliff".



          (OP, you say you've been using Ubuntu for years, so this warning isn't intended for you. But it's worth saying anyway for other people who find this question.)



          Second of all, Kali is designed to run pretty much everything as root. Which isn't a very good security practice! Some versions of Wireshark come with a warning:




          WIRESHARK CONTAINS OVER ONE POINT FIVE MILLION LINES OF SOURCE CODE. DO NOT RUN THEM AS ROOT.




          But if you're using Kali, it's assumed that:




          • You know what you're doing, and you know why running as root in general is a bad idea, and so you're going to make sure that

          • Even root isn't going to have the power to do anything really bad (because e.g. you're definitely not running this on the production server full of sensitive information)


          As far as what could go wrong, Wireshark has quite a lot of different "dissectors" to analyze incoming traffic. Because there are so many, and they're so complicated, it's hard to be sure none of them will glitch out when given specially-crafted packets. At best, this could make Wireshark crash. At worst, it could allow arbitrary code execution. And arbitrary code execution as root is very bad.



          The recommended way of using Wireshark, without letting it run as root, involves giving its dumpcap executable two extra capabilities: CAP_NET_ADMIN (allowing it to control network interfaces) and CAP_NET_RAW (allowing it to access raw packets). Full details on this are outside the scope of this question, but this article explains how to do that.



          Unfortunately, manipulating capabilities does require using the command line. If you're not comfortable with that, then Kali probably isn't right for you: it's built for command line use first and foremost.






          share|improve this answer












          There are a few different important points here. But the first one is, Kali is not a good first Linux distribution to start off with. If you're not familiar with account permissions, and especially if you don't want to use the command line, then Kali isn't right for you. I'd recommend Ubuntu instead. Anything you can do in Kali, you can also do in Ubuntu (once you install the right packages and tools), and it actually has a learning curve as opposed to Kali's "learning sheer vertical cliff".



          (OP, you say you've been using Ubuntu for years, so this warning isn't intended for you. But it's worth saying anyway for other people who find this question.)



          Second of all, Kali is designed to run pretty much everything as root. Which isn't a very good security practice! Some versions of Wireshark come with a warning:




          WIRESHARK CONTAINS OVER ONE POINT FIVE MILLION LINES OF SOURCE CODE. DO NOT RUN THEM AS ROOT.




          But if you're using Kali, it's assumed that:




          • You know what you're doing, and you know why running as root in general is a bad idea, and so you're going to make sure that

          • Even root isn't going to have the power to do anything really bad (because e.g. you're definitely not running this on the production server full of sensitive information)


          As far as what could go wrong, Wireshark has quite a lot of different "dissectors" to analyze incoming traffic. Because there are so many, and they're so complicated, it's hard to be sure none of them will glitch out when given specially-crafted packets. At best, this could make Wireshark crash. At worst, it could allow arbitrary code execution. And arbitrary code execution as root is very bad.



          The recommended way of using Wireshark, without letting it run as root, involves giving its dumpcap executable two extra capabilities: CAP_NET_ADMIN (allowing it to control network interfaces) and CAP_NET_RAW (allowing it to access raw packets). Full details on this are outside the scope of this question, but this article explains how to do that.



          Unfortunately, manipulating capabilities does require using the command line. If you're not comfortable with that, then Kali probably isn't right for you: it's built for command line use first and foremost.







          share|improve this answer












          share|improve this answer



          share|improve this answer










          answered May 17 '18 at 20:32









          Draconis

          383310




          383310

























              0














              I won't repeat same things again about "root" or "non-root" users. For your reference, I destroyed once a linux machine, because of my mistake on a bad piping of find + rm, while running everything as root : it can definitely happen to anyone.



              For running Wireshark as root in Kali 2.0, you need to open your favorite text editor (vi, vim, nano, gedit, leafpad, geany, sublime text or whatever you prefer) and edit /usr/share/wireshark/init.lua by changing the line :



              dofile(DATA_DIR.."console.lua")


              to



              --dofile(DATA_DIR.."console.lua")


              Save and close: job done. You can now run wireshark-gtk as root.






              share|improve this answer


























                0














                I won't repeat same things again about "root" or "non-root" users. For your reference, I destroyed once a linux machine, because of my mistake on a bad piping of find + rm, while running everything as root : it can definitely happen to anyone.



                For running Wireshark as root in Kali 2.0, you need to open your favorite text editor (vi, vim, nano, gedit, leafpad, geany, sublime text or whatever you prefer) and edit /usr/share/wireshark/init.lua by changing the line :



                dofile(DATA_DIR.."console.lua")


                to



                --dofile(DATA_DIR.."console.lua")


                Save and close: job done. You can now run wireshark-gtk as root.






                share|improve this answer
























                  0












                  0








                  0






                  I won't repeat same things again about "root" or "non-root" users. For your reference, I destroyed once a linux machine, because of my mistake on a bad piping of find + rm, while running everything as root : it can definitely happen to anyone.



                  For running Wireshark as root in Kali 2.0, you need to open your favorite text editor (vi, vim, nano, gedit, leafpad, geany, sublime text or whatever you prefer) and edit /usr/share/wireshark/init.lua by changing the line :



                  dofile(DATA_DIR.."console.lua")


                  to



                  --dofile(DATA_DIR.."console.lua")


                  Save and close: job done. You can now run wireshark-gtk as root.






                  share|improve this answer












                  I won't repeat same things again about "root" or "non-root" users. For your reference, I destroyed once a linux machine, because of my mistake on a bad piping of find + rm, while running everything as root : it can definitely happen to anyone.



                  For running Wireshark as root in Kali 2.0, you need to open your favorite text editor (vi, vim, nano, gedit, leafpad, geany, sublime text or whatever you prefer) and edit /usr/share/wireshark/init.lua by changing the line :



                  dofile(DATA_DIR.."console.lua")


                  to



                  --dofile(DATA_DIR.."console.lua")


                  Save and close: job done. You can now run wireshark-gtk as root.







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered yesterday









                  hornetbzz

                  1034




                  1034






























                      draft saved

                      draft discarded




















































                      Thanks for contributing an answer to Unix & Linux Stack Exchange!


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.





                      Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


                      Please pay close attention to the following guidance:


                      • Please be sure to answer the question. Provide details and share your research!

                      But avoid



                      • Asking for help, clarification, or responding to other answers.

                      • Making statements based on opinion; back them up with references or personal experience.


                      To learn more, see our tips on writing great answers.




                      draft saved


                      draft discarded














                      StackExchange.ready(
                      function () {
                      StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f444466%2fkali-linux-cant-log-in-as-non-root-user-and-wireshark-complaining-about-root%23new-answer', 'question_page');
                      }
                      );

                      Post as a guest















                      Required, but never shown





















































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown

































                      Required, but never shown














                      Required, but never shown












                      Required, but never shown







                      Required, but never shown







                      Popular posts from this blog

                      How to make a Squid Proxy server?

                      Is this a new Fibonacci Identity?

                      19世紀