wireshark-kinoite

This sysext is for Fedora Kinoite only. If you are using Fedora Silverblue, use wireshark-silverblue instead.

How to use

• Install the system extension
• Add users to the tcpdump group:

  $ grep -E '^tcpdump:' /usr/lib/group | sudo tee -a /etc/group
  $ sudo usermod --append --groups=tcpdump $USER
  

Why not use the Flatpak?

It should currently be possible to use the Wireshark Flatpak and connect to the local system via SSH to a rootful container that has tcpdump installed.

See: https://discussion.fedoraproject.org/t/silverblue-wireshark-does-not-see-network-interfaces/88916/11

This requires some manual setup thus in some cases, using this sysext should be easier.

Why not use layering?

See: https://github.com/fedora-silverblue/issue-tracker/issues/50

Compatibility

This sysext is compatible with Fedora Kinoite only. If you are using Fedora Silverblue, use wireshark-silverblue instead.

Versions available

See the wireshark-kinoite versions.

Usage instructions

First time setup

Run those commands if you have not yet installed any sysext on your system:

sudo install -d -m 0755 -o 0 -g 0 /var/lib/extensions /var/lib/extensions.d
sudo restorecon -RFv /var/lib/extensions /var/lib/extensions.d
sudo systemctl enable --now systemd-sysext.service

Installation

Define a helper function:

install_sysext() {
  SYSEXT="${1}"
  URL="https://extensions.fcos.fr/extensions"
  sudo install -d -m 0755 -o 0 -g 0 /etc/sysupdate.${SYSEXT}.d
  sudo restorecon -RFv /etc/sysupdate.${SYSEXT}.d
  curl --silent --fail --location "${URL}/${SYSEXT}.conf" \
    | sudo tee "/etc/sysupdate.${SYSEXT}.d/${SYSEXT}.conf"
  sudo /usr/lib/systemd/systemd-sysupdate update --component "${SYSEXT}"
}

Install the sysext:

install_sysext wireshark-kinoite

Merging

Note that this will merge all installed sysexts unconditionally:

sudo systemctl restart systemd-sysext.service
systemd-sysext status

You can also reboot the system.

Updates

Update this sysext using:

sudo /usr/lib/systemd/systemd-sysupdate update --component wireshark-kinoite

If you want to use the new version immediately, make sure to refresh the merged sysexts:

sudo systemctl restart systemd-sysext.service
systemd-sysext status

To update all sysexts on a system:

for c in $(/usr/lib/systemd/systemd-sysupdate components --json=short | jq --raw-output '.components[]'); do
    sudo /usr/lib/systemd/systemd-sysupdate update --component "${c}"
done

Uninstall

Define a helper function:

uninstall_sysext() {
  SYSEXT="${1}"
  sudo rm -i "/var/lib/extensions/${SYSEXT}.raw"
  sudo rm -i "/var/lib/extensions.d/${SYSEXT}-"*".raw"
  sudo rm -i "/etc/sysupdate.${SYSEXT}.d/${SYSEXT}.conf"
  sudo rmdir "/etc/sysupdate.${SYSEXT}.d/"
}

Uninstall the sysext:

uninstall_sysext wireshark-kinoite

Reboot your system or refresh the merged sysexts:

sudo systemctl restart systemd-sysext.service
systemd-sysext status