Commit graph

48 commits

Author SHA1 Message Date
Bjørn Forsman
a70197a653 wireshark: add patch to lookup "dumpcap" in PATH
What this allows us to do is define a "dumpcap" setuid wrapper in NixOS
and have wireshark use that instead of the non-setuid dumpcap binary
that it normally uses.

As far as I can tell, the code that is changed to do lookup in PATH is
only used by wireshark/tshark to find dumpcap. dumpcap, the thing that's
typically setuid, is not affected by this patch. wireshark and tshark
should *not* be installed setuid, so the fact that they now do lookup in
PATH is not a security concern.

With this commit, and the following config, only "root" and users in the
"wireshark" group will have access to capturing network traffic with
wireshark/dumpcap:

  environment.systemPackages = [ pkgs.wireshark ];
  security.setuidOwners = [
    { program = "dumpcap";
      owner = "root";
      group = "wireshark";
      setuid = true;
      setgid = false;
      permissions = "u+rx,g+x";
    }
  ];
  users.extraGroups.wireshark.gid = 500;

(This wouldn't have worked before, because then wireshark would not use
our setuid dumpcap binary.)
2014-04-22 21:33:11 +02:00
Bjørn Forsman
cbd4650a1a wireshark: add myself (bjornfor) as maintainer 2014-04-22 21:33:11 +02:00
Bjørn Forsman
27477f1fac wireshark: build with libcap (POSIX capabilities)
This makes running wireshark (or more specifically, dumpcap) as root a
bit more secure. From <wireshark-1.11.2>/doc/README.packaging:

  The "--with-libcap" option is only useful when dumpcap is installed
  setuid. If it is enabled dumpcap will try to drop any setuid privileges
  it may have while retaining the CAP_NET_ADMIN and CAP_NET_RAW
  capabilities. It is enabled by default, if the Linux capabilities
  library (on which it depends) is found.
2014-04-22 21:33:11 +02:00
Michael Raskin
9233723353 Temporary patch for Wireshark build 2014-04-06 00:57:35 +04:00
Peter Simons
ca73a92578 wireshark: the gtk3 build fails, so use gtk2
Duh, this is much more difficult than I would have thought.
2014-01-17 11:10:58 +01:00
Peter Simons
ac2a215c10 wireshark: build GUI with gtk3
This should be configurable, I guess.
2014-01-17 10:37:53 +01:00
Peter Simons
c1a80535ad wireshark: update from 1.10.5 to 1.11.2 2014-01-15 17:29:14 +01:00
Nixpkgs Monitor
f512614a10 wireshark: update from 1.10.3 to 1.10.5, potentially fixes CVE-2013-7112, CVE-2013-7113, CVE-2013-7114 2014-01-10 08:28:58 +01:00
Mathijs Kwik
5771888f4e wireshark: upgrade to 1.10.3
- cleaned up dependencies
- python support is deprecated (upstream) in favor of pyreshark
2013-12-23 10:21:18 +01:00
Nixpkgs Monitor
8c042a49eb etherape: update from 0.9.12 to 0.9.13 2013-12-15 12:38:46 +02:00
Vladimír Čunát
5fd97b7067 wireshark: bugfix+CVE update to current old-stable
The old version also didn't build anymore on x-updates.
2013-11-23 14:42:42 +01:00
Bjørn Forsman
083d0890f5 More description fixes
* Remove package name
* Start with upper case letter
* Remove trailing period

Also reword some descriptions and move some long descriptions to
longDescription.

I'm not touching generated packages.
2013-10-06 12:01:38 +02:00
Jaka Hudoklin
f295cf2395 Add ettercap, a comprehensive suite for man in the middle attacks 2013-10-03 15:35:34 +02:00
Alexander Tsamutali
e886f9aea1 applications/networking/sniffers/kismet: Update to 2013-03-R1b. 2013-09-07 16:46:53 +04:00
Bjørn Forsman
d6f7910722 wireshark: bump from 1.8.6 to 1.8.7 (security update) 2013-05-21 22:53:46 +02:00
Bjørn Forsman
af6503b2af wireshark: add desktop item
And fix a small "ethereal" typo.
2013-05-21 22:48:50 +02:00
Bjørn Forsman
3b6a347bea wireshark: update homepage URL 2013-05-11 20:31:24 +02:00
Bjørn Forsman
8c108024ab wireshark: bump to version 1.8.6
Multiple vulnerabilities and many bugs have been fixed. See the release
notes for details:

  http://www.wireshark.org/docs/relnotes/wireshark-1.8.6.html
2013-05-11 20:31:13 +02:00
Vladimír Čunát
26af997d41 Merge branch 'master' into stdenv-updates
Conflicts (simple):
	pkgs/applications/networking/browsers/chromium/default.nix
	pkgs/development/libraries/libsoup/default.nix
	pkgs/os-specific/linux/kernel/manual-config.nix
	pkgs/os-specific/linux/qemu-kvm/default.nix
2013-03-02 10:41:53 +01:00
Eelco Dolstra
5509f3beec wireshark: Update to 1.8.5
CVE-2013-1582, CVE-2013-1586, CVE-2013-1588, CVE-2013-1590
2013-02-27 15:07:28 +01:00
Vladimír Čunát
aacc9a6d0d etherape: fix build 2013-02-23 15:23:18 +01:00
Michael Raskin
3b01ff4591 Update Wireshark 2012-10-17 22:45:54 +04:00
Lluís Batlle i Rossell
2ecb9fdb58 aircrackng, kismet: update them to latest trunk and release respectively 2012-08-11 14:42:35 +02:00
Peter Simons
1a4f43c7b3 wireshark: updated to version 1.6.2
svn path=/nixpkgs/trunk/; revision=30426
2011-11-14 15:11:23 +00:00
Lluís Batlle i Rossell
1175e3e46b Adding etherape, although it wants those gconf things I think.
svn path=/nixpkgs/trunk/; revision=29437
2011-09-22 09:19:33 +00:00
Michael Raskin
7195b61a31 Update Wireshark
svn path=/nixpkgs/branches/stdenv-updates/; revision=24785
2010-11-20 20:51:29 +00:00
Michael Raskin
4325bd0b28 Update Wireshark to release
svn path=/nixpkgs/trunk/; revision=24129
2010-10-07 07:56:00 +00:00
Michael Raskin
3a0bf4d42d Update wireshark
svn path=/nixpkgs/trunk/; revision=23516
2010-08-29 19:17:00 +00:00
Armijn Hemel
1aee2df93a update libpcap to 1.1.1 and wireshark to 1.3.4
svn path=/nixpkgs/trunk/; revision=21205
2010-04-21 13:31:08 +00:00
Lluís Batlle i Rossell
bb8a2181ad Updating kismet
svn path=/nixpkgs/trunk/; revision=20934
2010-04-03 22:07:59 +00:00
Armijn Hemel
a53ab8a2e7 update to 1.3.2
svn path=/nixpkgs/trunk/; revision=19107
2009-12-25 12:38:08 +00:00
Marc Weber
5b3c7c6b7a wireshark update - old source vanished
svn path=/nixpkgs/trunk/; revision=17865
2009-10-18 04:43:59 +00:00
Michael Raskin
2eb7441069 Wireshark update
svn path=/nixpkgs/trunk/; revision=15439
2009-05-04 11:01:59 +00:00
Marc Weber
498be42912 version bump: wireshark-1.1.2, libpcap-1.0.0
svn path=/nixpkgs/trunk/; revision=14054
2009-02-12 20:28:01 +00:00
Lluís Batlle i Rossell
30f8a1bd25 Adding kismet.
svn path=/nixpkgs/trunk/; revision=13938
2009-02-01 21:21:27 +00:00
Armijn Hemel
e89fed21f9 update to 1.0.3
svn path=/nixpkgs/trunk/; revision=12845
2008-09-11 22:04:27 +00:00
Armijn Hemel
84d3e027b8 update to 1.0.2
svn path=/nixpkgs/trunk/; revision=12362
2008-07-15 22:21:21 +00:00
Armijn Hemel
10ca296d82 change 'name' to version number of the tarball (was still at 0.99.7)
svn path=/nixpkgs/trunk/; revision=11732
2008-04-27 21:47:21 +00:00
Marc Weber
7e43554ace Updated wireshark (used all-versions/ url now so if version changes url will still be valid in the future) - is this good or bad?
svn path=/nixpkgs/trunk/; revision=11610
2008-04-12 12:44:56 +00:00
Armijn Hemel
aae41dd4d4 update to 0.99.7
svn path=/nixpkgs/trunk/; revision=10005
2007-12-31 18:41:30 +00:00
Michael Raskin
9b43958df5 Version bump. Wireshark.org has already pulled old version off site...
svn path=/nixpkgs/trunk/; revision=8950
2007-07-06 13:07:14 +00:00
Armijn Hemel
c068774f59 cleanups, build graphical frontend too
svn path=/nixpkgs/trunk/; revision=8677
2007-05-14 00:04:39 +00:00
Armijn Hemel
16fc4c0838 ethereal -> wireshark
update to 0.99.5

svn path=/nixpkgs/trunk/; revision=8675
2007-05-13 23:24:34 +00:00
Eelco Dolstra
1442e8ec22 * Copy a bunch of files to nix.cs.uu.nl.
svn path=/nixpkgs/trunk/; revision=6711
2006-10-12 13:50:54 +00:00
Armijn Hemel
93957f48c3 ethereal 0.99
svn path=/nixpkgs/trunk/; revision=5291
2006-05-10 22:56:03 +00:00
Eelco Dolstra
3389f4bc36 * Copy lots of files to nix.cs.uu.nl.
svn path=/nixpkgs/trunk/; revision=4623
2006-01-30 16:04:03 +00:00
Eelco Dolstra
53c56afcfe * Fix some broken URLs.
svn path=/nixpkgs/trunk/; revision=4622
2006-01-30 15:52:15 +00:00
Armijn Hemel
98efb8f3ab add ethereal
svn path=/nixpkgs/trunk/; revision=4212
2005-11-03 19:55:05 +00:00