running wireshark "Lua: Error during loading"

Question

By running wireshark in 14.04 I got this error What should I do to solve this?

Lua: Error during loading: [string "/usr/share/wireshark/init.lua"]:46: dofile has been disabled due to running Wireshark as superuser. See http://wiki.wireshark.org/CaptureSetup/CapturePrivileges for help in running Wireshark as an unprivileged user.

Panther · Accepted Answer · 2017-11-27T15:03:08.027

That is because (I presume) you are running wireshark as root

From the link you were given in the message:

You need to run Wireshark or TShark on an account with sufficient privileges to capture, or need to give the account on which you're running Wireshark or TShark sufficient privileges to capture. The way this is done differs from operating system to operating system.

To be secure (at least in a way), it is recommended that even an administrator should always run in an account with (limited) user privileges, and only start processes that really need the administrator privileges. The Security page provides explanations why this is a good idea.

Setting network privileges for dumpcap

Ensure your linux kernel and filesystem supports File Capabilities and also you have installed necessary tools.

"setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap"

Start Wireshark as non-root and ensure you see the list of interfaces and can do live capture.

so ...

sudo setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap

don't forget to add the user to the wireshark group

sudo usermod -aG wireshark $USER

and (!) logo-off and log-on again. Then run wireshark as a non-root user.

score 2 · Answer 2 · edited Jan 12 '18 at 18:26

2

I found a simple fix for this.

Go to usr/share/wireshark.
Open init.lua with a text editor.
Change disable_lua = false to disable_lua = true.

edited Jan 12 '18 at 18:26

pomsky

70,557

answered Apr 19 '17 at 14:09

zack

21
1

score 1 · Answer 3 · edited Nov 02 '17 at 11:28

1

That is because you didn't add user to wireshark group, So:

sudo dpkg-reconfigure wireshark-common

Say YES to the message box.This adds a wireshark group.Then add user to the group by typing

sudo adduser $USER wireshark

Then restart your machine and open wireshark.

Run

wireshark

and it works good luck ;)

by @Thusitha Sumanadasa

edited Nov 02 '17 at 11:28

Zanna

72,312

answered Oct 23 '17 at 17:16

Mhirsi Hamza

11

score 0 · Answer 4 · answered Oct 23 '18 at 07:41

0

I am using Mint (based on Ubuntu), in my case, it's the location of the output file caused the issue, when I change the output file to under /tmp/, then the issue is solved.

e.g

tshark -i wlp7s0 -w /tmp/a.pcap

answered Oct 23 '18 at 07:41

Eric

510

score 0 · Answer 5 · edited Jan 20 '22 at 03:31

0

Run the following command to open /usr/share/wireshark/init.lua in a text editor:

nano /usr/share/wireshark/init.lua

There you'll see a line similar to this:

 enable_lua = true

Make it look like

 enable_lua = false

Press Ctrl + X to save and exit.

Wireshark is ready to use!

edited Jan 20 '22 at 03:31

Error404

8,278
3
35
60

answered Jan 19 '22 at 16:12

user1563292

11

running wireshark "Lua: Error during loading"

5 Answers5

Linked