That's probably an automatic permission fix for the sake of securing the OS. Something in the OS is setting the ownership back to root:wheel. (since owner permissions say read is enabled - the first "rw" in directory listing). That makes perfect sense you've taken ownership of the bp* files and can read them. So, you set the ownership to username:admin and Wireshark works. I'm not a mac programmer, but it looks like some it relates to errors in UI presentation. I reran the installer and got the same log errors as you, so I don't think that's relevant. ![]() No idea what it means except it looks as though it failed? 13:52:22-05 2019-Mac-Pro Installer: Could not load resource license: (null) 13:52:22-05 2019-Mac-Pro Installer: Could not load resource readme: (null) 13:52:22-05 2019-Mac-Pro Installer: External component packages (1) trustLevel=350 Contents/Resources/Extras/Install ChmodBPF.pkg trustLevel=350 13:52:22-05 2019-Mac-Pro Installer: Product archive /Applications/Wireshark.app 13:52:22-05 2019-Mac-Pro Installer: Failed to load specified background image 13:52:21-05 2019-Mac-Pro Installer: Package Authoring Error: has an unsupported MIME type: X-NSObject/NSNumber 13:52:21-05 2019-Mac-Pro Installer: Opened from: /Applications/Wireshark.app/Contents/Resources/Extras/Install ChmodBPF.pkg I did just use Console to look at the install log for chmodBPF, and this is what I found: Can you check and see if you have that plist file? I think that was installed at some point after first running Wireshark. This just executes /Library/Application Support/Wireshark/ChmodBPF/ChmodBPF, which sets the permissions and ownership for me. Since I'm in the access_bpf group, I inherit the permissions to read from and write to those devices.Įvery time my computer boots, /Library/LaunchDaemons/ runs. The second "rw" represents the permissions granted to "access_bpf" for that device read and write is granted. This says that access_bpf is the group that owns that device. My bf* entries have permissions and ownership that allow me to do that.Ĭrw-rw- 1 root access_bpf 23, 99 Nov 7 09:50 bpf0 ![]() I believe that "bpf" refers to "Berkeley Packet Filter", those devices allow you to monitor traffic on network interfaces (assuming you have permission to read those devices). For example, everything under "/dev" is actually a device. ![]() That's not to say that a bunch of non-file things can be found in the file system. That is a user group and I'm not sure if it's represented anywhere in the file system. I think you're saying that you expected to find "access_bpf" somewhere as a file. Perhaps we can puzzle through this together, until someone with actual knowledge chimes in.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |