FS#42182 - [wireshark-cli] Handle wireshark group already existing
Attached to Project:
Community Packages
Opened by Gabriel Potkány (gadelat) - Tuesday, 30 September 2014, 07:07 GMT
Last edited by Timothy Redaelli (tredaelli) - Wednesday, 01 October 2014, 08:45 GMT
Opened by Gabriel Potkány (gadelat) - Tuesday, 30 September 2014, 07:07 GMT
Last edited by Timothy Redaelli (tredaelli) - Wednesday, 01 October 2014, 08:45 GMT
|
Details
I created & added myself to wireshark group before
installing this package and rights for capture did not work
because there was assigned non-existent group id to dumpcap.
It tries to add group wireshark and then assumes it created
ok. If it fails, it blindly assings group id 150.
|
This task depends upon
Closed by Timothy Redaelli (tredaelli)
Wednesday, 01 October 2014, 08:45 GMT
Reason for closing: Not a bug
Wednesday, 01 October 2014, 08:45 GMT
Reason for closing: Not a bug
I think script should use id of already existing wireshark group if it does exist, because come on, what else could group named "wireshark" be used? Or at least notify user that something is wrong (failed to create group, ect)
Maybe the install should just die completely if you already have a non-GID 150 wireshark group?
If yes, why system doesn't automatically assign this GID to group named "wireshark" manually created by user?
If not, what happens when something else (aur package etc.) assigns this GID to other group name first?
I guess second answer is correct and there isn't actually reserved GID 150 for group named "wireshark" in system and any package can do this instead of wireshark-cli. And if that's the case, current behavior of this package can create even more serious problems. I don't think this package should assign GID, but it should rather assign group name.
If this isn't suitable solution, this package should at least generate confirmation/warning. I don't think it should generate error, it's not so big problem. I propose to choose some of these kind of messages:
1)Warning: Group "wireshark" already exists, overwrite? (y/n)..
2)Warning: Failed to create "wireshark" group. Sniffing without root privileges won't work. Remove the group and reinstall package for this feature to work.
User will by this point remember that he added that group manually and what it was for and even if he doesn't, chance that he uses wireshark group for something else is pretty slim, he won't break anything important.
I just ask this package for at least some feedback if it failed to do something, because right now user has no idea that something was set wrong (group id of non-existent group).
Names are irrelevent, the only thing that matters is the GID. It's similar to a URL, the URL itself doesn't really get you much besides a way to look up the IP. Your suggestion here will not work at all, as the packager needs to know the GID at build time to be able to assign it.
As for you question about whether it's reserved, yes it is: https://wiki.archlinux.org/index.php/DeveloperWiki:UID_/_GID_Database
"Your suggestion here will not work at all, as the packager needs to know the GID at build time to be able to assign it."
Really? I removed "-g 150" from pkgbuild and built and installed it myself and it works great.
Another problem with this is this: your package creates group by GID when installing, but when removing package, it removes group by name. Pretty inconsistent, you said you want to be sure that group which already exists is group we need, but you don't care about that when uninstalling.
Really? I removed "-g 150" from pkgbuild and built and installed it myself and it works great."
Then take that package to another computer. It won't work.
It's become obvious you don't understand how group management works in Linux. tredaelli, time to close this?