Update to wireshark-1.6.5. Add instructions to restrict use to authorized users.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@9904 af4574ff-66df-0310-9fd7-8a98e5e911e0
Bruce Dubbs 2012-04-11 23:35:38 +00:00
parent f0af58fb9b
commit a079e73c2f
4 changed files with 97 additions and 45 deletions


@ -499,7 +499,7 @@ $Date$
<!ENTITY nmap-version "5.51">
<!ENTITY whois-version "5.0.12">
<!ENTITY bind-version "9.8.1-P1">
<!ENTITY wireshark-version "0.99.6">
<!ENTITY wireshark-version "1.6.5">
<!ENTITY avahi-version "0.6.31">
<!ENTITY mod_dnssd-version "0.6">
<!ENTITY NetworkManager-version "0.9.4.0">


@ -44,6 +44,13 @@
<listitem>
<para>April 11th, 2012</para>
<itemizedlist>
<listitem>
<para>[bdubbs] - Update to wireshark-1.6.5. Add instructions
to restrict use to authorized users.
Fixes
<ulink url="&blfs-ticket-root;2816">#2815</ulink> and
<ulink url="&blfs-ticket-root;2911">#2911</ulink>.</para>
</listitem>
<listitem>
<para>[bdubbs] - Fix screen to use the LFS value for gid.
Fixes


@ -5,11 +5,11 @@
%general-entities;
<!ENTITY wireshark-download-http "http://www.wireshark.org/download/src/all-versions/wireshark-&wireshark-version;.tar.bz2">
<!ENTITY wireshark-download-ftp "&sources-anduin-ftp;/w/wireshark-&wireshark-version;.tar.bz2">
<!ENTITY wireshark-md5sum "e57a8c8b364c38df3da97e2ee9f0d0bc">
<!ENTITY wireshark-size "11.8 MB">
<!ENTITY wireshark-buildsize "449 MB">
<!ENTITY wireshark-time "6.4 SBU">
<!ENTITY wireshark-download-ftp " ">
<!ENTITY wireshark-md5sum "794948a10d387fc8e37d824ea11dbac9">
<!ENTITY wireshark-size "21 MB">
<!ENTITY wireshark-buildsize "952 MB">
<!ENTITY wireshark-time "5.8 SBU">
]>
<sect1 id="wireshark" xreflabel="Wireshark-&wireshark-version;">
@ -38,6 +38,8 @@
as well as the capability to read capture files from many other popular
network analyzers.</para>
&lfs71_checked;
<bridgehead renderas="sect3">Package Information</bridgehead>
<itemizedlist spacing="compact">
<listitem>
@ -63,8 +65,9 @@
<bridgehead renderas="sect3">Additional Downloads</bridgehead>
<itemizedlist spacing="compact">
<listitem>
<para>Additional Documentation: <ulink
url="http://www.wireshark.org/docs/"/></para>
<para>Additional Documentation:
<ulink url="http://www.wireshark.org/download/docs/"/>
</para>
</listitem>
</itemizedlist>
@ -82,31 +85,24 @@
to the <command>configure</command> command.</para>
<bridgehead renderas="sect4">Recommended</bridgehead>
<para role="recommended"><xref linkend="libpcap"/>
(required to capture data)</para>
<para role="recommended">
<xref linkend="libpcap"/> (required to capture data)
</para>
<bridgehead renderas="sect4">Optional</bridgehead>
<para role="optional"><!-- <xref linkend="pkgconfig"/>, -->
<xref linkend="gtk2"/> (to build the GUI front-end),
<xref linkend="openssl"/>,
<xref linkend="mitkrb"/>,
<xref linkend="python2"/>,
<xref linkend="pcre"/>,
<xref linkend="gnutls"/>,
<ulink url="http://www.net-snmp.org/">Net-SNMP</ulink>,
<ulink url="http://www.gnu.org/software/adns/adns.html">adns</ulink>, and
<ulink url="http://www.lua.org/">Lua</ulink></para>
<!-- Though configure looks for all these, and the developers I'm
sure use them, the doc sources are not included in the release
tarball (they are in SVN, though)
<bridgehead renderas="sect4">Optional (to build additional
documentation)</bridgehead>
<para role="optional"><xref linkend="doxygen"/>,
<xref linkend="libxml"/>,
<xref linkend="libxslt"/>, and
<xref linkend="fop"/></para>
-->
<xref linkend="gtk2"/> or <xref linkend="gtk3"/> (to build the GUI front-end),
<xref linkend="openssl"/>,
<xref linkend="mitkrb"/>,
<xref linkend="python2"/>,
<xref linkend="pcre"/>,
<xref linkend="gnutls"/>,
<ulink url="http://www.portaudio.com/download.html">PortAudio</ulink>,
<ulink url="http://www.maxmind.com/app/c">GeoIP</ulink>,
<!-- <ulink url="http://www.net-snmp.org/">Net-SNMP</ulink>, -->
<ulink url="http://www.gnu.org/software/adns/adns.html">adns</ulink>, and
<ulink url="http://www.lua.org/">Lua</ulink>
</para>
<para condition="html" role="usernotes">User Notes:
<ulink url="&blfs-wiki;/wireshark"/></para>
@ -134,8 +130,30 @@
<sect2 role="installation">
<title>Installation of Wireshark</title>
<para>Install <application>Wireshark</application> by running the following
commands:</para>
<para>Optionally, fix the description of the program in the title.
The first change overwrites the default "SVN Unknown" in the title
and the secong overwrites a utility script that resets the version
to "unknown".</para>
<screen><userinput>cat > svnversion.h &lt;&lt; "EOF"
#define SVNVERSION "BLFS"
#define SVNPATH "source"
EOF
cat > make-version.pl &lt;&lt; "EOF"
#!/usr/bin/perl
EOF</userinput></screen>
<para><application>Wireshark</application> is a very large and complex
application. These instructions provide additional security measures to
ensure that only trusted users are allowed to view network traffic. First,
set up a system groub for wireshark. As the <systemitem
class="username">root</systemitem> user:</para>
<screen role="root"><userinput>groupadd -g 62 wireshark</userinput></screen>
<para>Continue to install <application>Wireshark</application> by running
the following commands:</para>
<screen><userinput>./configure --prefix=/usr \
--sysconfdir=/etc \
@ -149,21 +167,25 @@ make</userinput></screen>
<screen role="root"><userinput>make install &amp;&amp;
install -v -m755 -d /usr/share/doc/wireshark-&wireshark-version; &amp;&amp;
install -v -m644 FAQ README{,.linux} doc/README.* doc/*.{pod,txt} \
install -v -m755 -d /usr/share/pixmaps/wireshark &amp;&amp;
install -v -m644 README{,.linux} doc/README.* doc/*.{pod,txt} \
/usr/share/doc/wireshark-&wireshark-version; &amp;&amp;
pushd /usr/share/doc/wireshark-&wireshark-version; &amp;&amp;
for FILENAME in ../../wireshark/*.html; do \
ln -s -v $FILENAME .
done &amp;&amp;
for FILENAME in ../../wireshark/*.html; do
ln -s -v $FILENAME .
done &amp;&amp;
popd &amp;&amp;
install -v -m644 -D wireshark.desktop \
/usr/share/applications/wireshark.desktop &amp;&amp;
install -v -m644 -D image/wsicon48.png \
/usr/share/pixmaps/wireshark.png &amp;&amp;
install -v -m755 -d /usr/share/pixmaps/wireshark &amp;&amp;
install -v -m644 image/*.{png,ico,xpm,bmp} \
/usr/share/pixmaps/wireshark</userinput></screen>
install -v -m644 image/*.{png,ico,xpm,bmp} \
/usr/share/pixmaps/wireshark</userinput></screen>
<para>If you downloaded any of the documentation files from the page
listed in the 'Additional Downloads', install them by issuing the following
@ -171,6 +193,16 @@ install -v -m644 image/*.{png,ico,xpm,bmp} \
<screen role="root"><userinput>install -v -m644 <replaceable>&lt;Downloaded_Files&gt;</replaceable> /usr/share/doc/wireshark-&wireshark-version;</userinput></screen>
<para>Now, set ownership and permissions of sensitive applications to to
only allow authorized users. As the <systemitem
class="username">root</systemitem> user:</para>
<screen role="root"><userinput>chown -v root:wireshark /usr/bin/{tshark,dumpcap} &amp;&amp;
chmod -v 6550 /usr/bin/{tshark,dumpcap}</userinput></screen>
<para>Finally, add any users to the wireshark group with <userinput>usermod -a -G
wireshark &lt;username&gt;</userinput>.</para>
</sect2>
<sect2 role="commands">
@ -184,6 +216,9 @@ install -v -m644 image/*.{png,ico,xpm,bmp} \
<application>OpenSSL</application>
<filename class='libraryfile'>libcrypto</filename> library is found.</para>
<para><option>--with-python</option>: This parameter is required if you
want Python bindings built.</para>
</sect2>
<sect2 role="configuration">
@ -238,9 +273,9 @@ install -v -m644 image/*.{png,ico,xpm,bmp} \
<seglistitem>
<seg>capinfos, dftest, dumpcap, editcap, idl2wrs, mergecap, randpkt,
text2pcap, tshark and wireshark</seg>
<seg>libwireshark.so, libwiretap.so and numerous dissector plugin
modules</seg>
rawshark, text2pcap, tshark and wireshark</seg>
<seg>libwireshark.so, libwiretap.so, libwsutil.so, and
numerous plugin modules</seg>
<seg>/usr/lib/wireshark, /usr/share/doc/wireshark-&wireshark-version;,
/usr/share/pixmaps/wireshark and /usr/share/wireshark</seg>
</seglistitem>
@ -332,6 +367,16 @@ install -v -m644 image/*.{png,ico,xpm,bmp} \
</listitem>
</varlistentry>
<varlistentry id="rawshark">
<term><command>rawshark</command></term>
<listitem>
<para>dump and analyze raw libpcap data.</para>
<indexterm zone="wireshark rawshark">
<primary sortas="b-rawshark">rawshark</primary>
</indexterm>
</listitem>
</varlistentry>
<varlistentry id="text2pcap">
<term><command>text2pcap</command></term>
<listitem>
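Review bot: The added `chmod -v 6550 /usr/bin/{tshark,dumpcap}` step makes tshark setuid root as well as dumpcap, so the dissection code that the new paragraph itself describes as "very large and complex" starts with root privileges whenever a wireshark group member runs it. Wireshark's privilege separation has tshark and the GUI call dumpcap to capture, so only dumpcap needs elevated rights. tshark may drop privileges early on its own, but nothing on this page shows that, and the instructions should not depend on it. The setgid bit in 6550 also looks unnecessary, because execution is already limited to the group by the 0550 part. I would restrict the step to dumpcap, `chown -v root:wireshark /usr/bin/dumpcap &amp;&amp;` followed by `chmod -v 4750 /usr/bin/dumpcap`, leave tshark at its installed mode, and adjust the "sensitive applications" sentence to match.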


@ -98,6 +98,7 @@
<row><entry>svntest </entry><entry> </entry><entry>57</entry></row>
<row><entry>games </entry><entry>60</entry><entry>60</entry></row>
<row><entry>kvm </entry><entry> </entry><entry>61</entry></row>
<row><entry>wireshark</entry><entry> </entry><entry>62</entry></row>
<row><entry>scanner </entry><entry> </entry><entry>70</entry></row>
<row><entry>avahi </entry><entry>84</entry><entry>84</entry></row>
<row><entry>avahi-autoipd</entry><entry>85</entry><entry>85</entry></row>
@ -111,8 +112,7 @@
<para>One value that is missing is 65534. This value is customarily assigned
to the user <systemitem class="username">nobody</systemitem> and group
<systemitem class="groupname">nogroup</systemitem> and is unnecessary. <!--The
issue is explained in more detail in the first note in the <xref
linkend="nfs-utils-install"/> section.--></para>
<systemitem class="groupname">nogroup</systemitem> and is unnecessary.
</para>
</sect1>