Update to wireshark-1.6.5. Add instructions to restrict use to authorized users.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@9904 af4574ff-66df-0310-9fd7-8a98e5e911e0

general.ent

@@ -499,7 +499,7 @@ $Date$
 <!ENTITY nmap-version                 "5.51">
 <!ENTITY whois-version                "5.0.12">
 <!ENTITY bind-version                 "9.8.1-P1">
-<!ENTITY wireshark-version            "0.99.6">
+<!ENTITY wireshark-version            "1.6.5">
 <!ENTITY avahi-version                "0.6.31">
 <!ENTITY mod_dnssd-version            "0.6">
 <!ENTITY NetworkManager-version       "0.9.4.0">

introduction/welcome/changelog.xml

@@ -44,6 +44,13 @@
     <listitem>
       <para>April 11th, 2012</para>
       <itemizedlist>
+        <listitem>
+          <para>[bdubbs] - Update to wireshark-1.6.5.  Add instructions
+          to restrict use to authorized users.
+          Fixes 
+          <ulink url="&blfs-ticket-root;2816">#2815</ulink> and
+          <ulink url="&blfs-ticket-root;2911">#2911</ulink>.</para>
+        </listitem>
         <listitem>
           <para>[bdubbs] - Fix screen to use the LFS value for gid.
           Fixes 

networking/netutils/wireshark.xml

@@ -5,11 +5,11 @@
   %general-entities;
 
   <!ENTITY wireshark-download-http "http://www.wireshark.org/download/src/all-versions/wireshark-&wireshark-version;.tar.bz2">
-  <!ENTITY wireshark-download-ftp  "&sources-anduin-ftp;/w/wireshark-&wireshark-version;.tar.bz2">
+  <!ENTITY wireshark-download-ftp  " ">
-  <!ENTITY wireshark-md5sum        "e57a8c8b364c38df3da97e2ee9f0d0bc">
+  <!ENTITY wireshark-md5sum        "794948a10d387fc8e37d824ea11dbac9">
-  <!ENTITY wireshark-size          "11.8 MB">
+  <!ENTITY wireshark-size          "21 MB">
-  <!ENTITY wireshark-buildsize     "449 MB">
+  <!ENTITY wireshark-buildsize     "952 MB">
-  <!ENTITY wireshark-time          "6.4 SBU">
+  <!ENTITY wireshark-time          "5.8 SBU">
 ]>
 
 <sect1 id="wireshark" xreflabel="Wireshark-&wireshark-version;">
@@ -38,6 +38,8 @@
     as well as the capability to read capture files from many other popular
     network analyzers.</para>
 
+    &lfs71_checked;
+
     <bridgehead renderas="sect3">Package Information</bridgehead>
     <itemizedlist spacing="compact">
       <listitem>
@@ -63,8 +65,9 @@
     <bridgehead renderas="sect3">Additional Downloads</bridgehead>
     <itemizedlist spacing="compact">
       <listitem>
-        <para>Additional Documentation: <ulink
+        <para>Additional Documentation: 
-        url="http://www.wireshark.org/docs/"/></para>
+           <ulink url="http://www.wireshark.org/download/docs/"/>
+         </para>
       </listitem>
     </itemizedlist>
 
@@ -82,31 +85,24 @@
     to the <command>configure</command> command.</para>
 
     <bridgehead renderas="sect4">Recommended</bridgehead>
-    <para role="recommended"><xref linkend="libpcap"/>
+    <para role="recommended">
-    (required to capture data)</para>
+      <xref linkend="libpcap"/> (required to capture data)
+    </para>
 
     <bridgehead renderas="sect4">Optional</bridgehead>
     <para role="optional"><!-- <xref linkend="pkgconfig"/>, -->
-    <xref linkend="gtk2"/> (to build the GUI front-end),
+      <xref linkend="gtk2"/> or <xref linkend="gtk3"/> (to build the GUI front-end),
       <xref linkend="openssl"/>,
       <xref linkend="mitkrb"/>,
       <xref linkend="python2"/>,
       <xref linkend="pcre"/>,
       <xref linkend="gnutls"/>,
-    <ulink url="http://www.net-snmp.org/">Net-SNMP</ulink>,
+      <ulink url="http://www.portaudio.com/download.html">PortAudio</ulink>,
+      <ulink url="http://www.maxmind.com/app/c">GeoIP</ulink>,
+      <!-- <ulink url="http://www.net-snmp.org/">Net-SNMP</ulink>, -->
       <ulink url="http://www.gnu.org/software/adns/adns.html">adns</ulink>, and
-    <ulink url="http://www.lua.org/">Lua</ulink></para>
+      <ulink url="http://www.lua.org/">Lua</ulink>
-
+    </para>
-    <!-- Though configure looks for all these, and the developers I'm
-         sure use them, the doc sources are not included in the release
-         tarball (they are in SVN, though)
-    <bridgehead renderas="sect4">Optional (to build additional
-    documentation)</bridgehead>
-    <para role="optional"><xref linkend="doxygen"/>,
-    <xref linkend="libxml"/>,
-    <xref linkend="libxslt"/>, and
-    <xref linkend="fop"/></para>
-    -->
 
     <para condition="html" role="usernotes">User Notes:
     <ulink url="&blfs-wiki;/wireshark"/></para>
@@ -134,8 +130,30 @@
   <sect2 role="installation">
     <title>Installation of Wireshark</title>
 
-    <para>Install <application>Wireshark</application> by running the following
+    <para>Optionally, fix the description of the program in the title. 
-    commands:</para>
+    The first change overwrites the default "SVN Unknown" in the title
+    and the secong overwrites a utility script that resets the version
+    to "unknown".</para>
+
+<screen><userinput>cat > svnversion.h &lt;&lt; "EOF"
+#define SVNVERSION "BLFS"
+#define SVNPATH "source"
+EOF
+
+cat > make-version.pl &lt;&lt; "EOF"
+#!/usr/bin/perl
+EOF</userinput></screen>
+
+    <para><application>Wireshark</application> is a very large and complex
+    application.  These instructions provide additional security measures to
+    ensure that only trusted users are allowed to view network traffic.  First,
+    set up a system groub for wireshark.  As the <systemitem
+    class="username">root</systemitem> user:</para>
+
+<screen role="root"><userinput>groupadd -g 62 wireshark</userinput></screen>
+
+    <para>Continue to install <application>Wireshark</application> by running
+    the following commands:</para>
 
 <screen><userinput>./configure --prefix=/usr \
             --sysconfdir=/etc \
@@ -149,19 +167,23 @@ make</userinput></screen>
 <screen role="root"><userinput>make install &amp;&amp;
 
 install -v -m755 -d /usr/share/doc/wireshark-&wireshark-version; &amp;&amp;
-install -v -m644    FAQ README{,.linux} doc/README.* doc/*.{pod,txt} \
+install -v -m755 -d /usr/share/pixmaps/wireshark &amp;&amp;
+
+install -v -m644    README{,.linux} doc/README.* doc/*.{pod,txt} \
                     /usr/share/doc/wireshark-&wireshark-version; &amp;&amp;
+
 pushd /usr/share/doc/wireshark-&wireshark-version; &amp;&amp;
-for FILENAME in ../../wireshark/*.html; do \
+   for FILENAME in ../../wireshark/*.html; do 
       ln -s -v $FILENAME .
-done &amp;&amp;
+   done &amp;&amp;
 popd &amp;&amp;
 
 install -v -m644 -D wireshark.desktop \
                     /usr/share/applications/wireshark.desktop &amp;&amp;
+
 install -v -m644 -D image/wsicon48.png \
                     /usr/share/pixmaps/wireshark.png &amp;&amp;
-install -v -m755 -d /usr/share/pixmaps/wireshark &amp;&amp;
+
 install -v -m644    image/*.{png,ico,xpm,bmp} \
                     /usr/share/pixmaps/wireshark</userinput></screen>
 
@@ -171,6 +193,16 @@ install -v -m644 image/*.{png,ico,xpm,bmp} \
 
 <screen role="root"><userinput>install -v -m644 <replaceable>&lt;Downloaded_Files&gt;</replaceable> /usr/share/doc/wireshark-&wireshark-version;</userinput></screen>
 
+  <para>Now, set ownership and permissions of sensitive applications to to
+  only allow authorized users.  As the <systemitem
+  class="username">root</systemitem> user:</para>
+
+<screen role="root"><userinput>chown -v root:wireshark /usr/bin/{tshark,dumpcap} &amp;&amp;
+chmod -v 6550 /usr/bin/{tshark,dumpcap}</userinput></screen>
+
+  <para>Finally, add any users to the wireshark group with <userinput>usermod -a -G
+  wireshark &lt;username&gt;</userinput>.</para>
+
   </sect2>
 
   <sect2 role="commands">
@@ -184,6 +216,9 @@ install -v -m644 image/*.{png,ico,xpm,bmp} \
     <application>OpenSSL</application>
     <filename class='libraryfile'>libcrypto</filename> library is found.</para>
 
+    <para><option>--with-python</option>: This parameter is required if you
+    want Python bindings built.</para>
+
   </sect2>
 
   <sect2 role="configuration">
@@ -238,9 +273,9 @@ install -v -m644 image/*.{png,ico,xpm,bmp} \
 
       <seglistitem>
         <seg>capinfos, dftest, dumpcap, editcap, idl2wrs, mergecap, randpkt,
-        text2pcap, tshark and wireshark</seg>
+        rawshark, text2pcap, tshark and wireshark</seg>
-        <seg>libwireshark.so, libwiretap.so and numerous dissector plugin
+        <seg>libwireshark.so, libwiretap.so, libwsutil.so, and 
-        modules</seg>
+        numerous plugin modules</seg>
         <seg>/usr/lib/wireshark, /usr/share/doc/wireshark-&wireshark-version;,
         /usr/share/pixmaps/wireshark and /usr/share/wireshark</seg>
       </seglistitem>
@@ -332,6 +367,16 @@ install -v -m644 image/*.{png,ico,xpm,bmp} \
         </listitem>
       </varlistentry>
 
+      <varlistentry id="rawshark">
+        <term><command>rawshark</command></term>
+        <listitem>
+          <para>dump and analyze raw libpcap data.</para>
+          <indexterm zone="wireshark rawshark">
+            <primary sortas="b-rawshark">rawshark</primary>
+          </indexterm>
+        </listitem>
+      </varlistentry>
+
       <varlistentry id="text2pcap">
         <term><command>text2pcap</command></term>
         <listitem>

postlfs/config/users.xml

@@ -98,6 +98,7 @@
         <row><entry>svntest </entry><entry>  </entry><entry>57</entry></row>
         <row><entry>games   </entry><entry>60</entry><entry>60</entry></row>
         <row><entry>kvm     </entry><entry>  </entry><entry>61</entry></row>
+        <row><entry>wireshark</entry><entry> </entry><entry>62</entry></row>
         <row><entry>scanner </entry><entry>  </entry><entry>70</entry></row>
         <row><entry>avahi   </entry><entry>84</entry><entry>84</entry></row>
         <row><entry>avahi-autoipd</entry><entry>85</entry><entry>85</entry></row>
@@ -111,8 +112,7 @@
 
   <para>One value that is missing is 65534.  This value is customarily assigned
   to the user <systemitem class="username">nobody</systemitem> and group
-  <systemitem class="groupname">nogroup</systemitem> and is unnecessary.  <!--The
+  <systemitem class="groupname">nogroup</systemitem> and is unnecessary.
-  issue is explained in more detail in the first note in the <xref
+  </para>
-  linkend="nfs-utils-install"/> section.--></para>
 
 </sect1>