Just wondering if anyone knows how to configure SELinux to allow Wireshark. It seems one must set labels for all the Wireshark-related files, but I am not sure which files they are. I have already set /usr/bin/dumpcap. Maybe I have to do that for each network device as well?
I have looked at all the permissions and am sure it's not a DAC problem.
I am using Fedora Silverblue 34.
I will probably install Kali Linux, but it would be good to learn some SELinux anyway.
If someone could point me towards a decent tutorial, that would be handy.
Doesn't the wireshark package have a proper selinux-policy?
One can temporarily set SELinux into permissive mode: setenforce 0
In permissive mode SELinux logs all events, but does not block them.
That way you get all Wireshark events and not just the first one that stops Wireshark.
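
An added example, not part of the original posts: once denials have been collected in permissive mode as described above, a short Python script can group the AVC records for dumpcap by source type, target type and object class, showing everything the policy would have to allow. The log lines and the `example_*` type names are constructed for illustration; real records come from the audit log.

```python
import re
from collections import defaultdict

# Constructed sample audit records (not from a real system); the type names
# example_app_t / example_dev_t / example_file_t are placeholders.
SAMPLE_LOG = """\
type=AVC msg=audit(1620000000.101:501): avc:  denied  { create } for  pid=4242 comm="dumpcap" scontext=user_u:user_r:example_app_t:s0 tcontext=user_u:user_r:example_app_t:s0 tclass=packet_socket permissive=1
type=AVC msg=audit(1620000000.105:502): avc:  denied  { read write } for  pid=4242 comm="dumpcap" name="usbmon0" dev="devtmpfs" ino=77 scontext=user_u:user_r:example_app_t:s0 tcontext=system_u:object_r:example_dev_t:s0 tclass=chr_file permissive=1
type=AVC msg=audit(1620000000.109:503): avc:  denied  { open } for  pid=4242 comm="dumpcap" path="/dev/usbmon0" dev="devtmpfs" ino=77 scontext=user_u:user_r:example_app_t:s0 tcontext=system_u:object_r:example_dev_t:s0 tclass=chr_file permissive=1
type=SYSCALL msg=audit(1620000000.109:503): arch=c000003e syscall=257 success=yes exit=3 comm="dumpcap"
type=AVC msg=audit(1620000000.200:504): avc:  denied  { getattr } for  pid=900 comm="other" path="/tmp/x" dev="tmpfs" ino=5 scontext=user_u:user_r:example_app_t:s0 tcontext=user_u:object_r:example_file_t:s0 tclass=file permissive=0
"""

# Fields of an AVC denial: permission set, command, both contexts, class,
# and (on newer kernels) whether the access was only logged (permissive=1).
AVC_RE = re.compile(
    r'avc:\s+denied\s+\{\s*(?P<perms>[^}]*?)\s*\}\s+for\s+.*?comm="(?P<comm>[^"]*)"'
    r'.*?scontext=(?P<s>\S+)\s+tcontext=(?P<t>\S+)\s+tclass=(?P<cls>\S+)'
    r'(?:\s+permissive=(?P<perm>[01]))?'
)

def summarize(log_text, comm):
    """Group denials for one command: (source type, target type, class) -> perms.

    Also returns how many of those denials were really blocked (permissive=0).
    """
    rules = defaultdict(set)
    blocked = 0
    for line in log_text.splitlines():
        m = AVC_RE.search(line)
        if not m or m["comm"] != comm:
            continue  # not an AVC denial, or a different program
        src = m["s"].split(":")[2]   # context is user:role:type:level
        tgt = m["t"].split(":")[2]
        rules[(src, tgt, m["cls"])].update(m["perms"].split())
        if m["perm"] == "0":
            blocked += 1
    return dict(rules), blocked

if __name__ == "__main__":
    rules, blocked = summarize(SAMPLE_LOG, "dumpcap")
    for (src, tgt, cls), perms in sorted(rules.items()):
        print(f"{src} -> {tgt} : {cls} {{ {' '.join(sorted(perms))} }}")
    print(f"denials actually blocked (permissive=0): {blocked}")
```

On a real system the same text can be obtained with `ausearch -m avc` and passed to `summarize()` in place of the sample.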