33 lines
897 B
Docker
33 lines
897 B
Docker
|
# Run Wireshark in a container
|
||
|
FROM ubuntu:xenial
|
||
|
MAINTAINER Andrey Arapov <andrey.arapov@nixaid.com>
|
||
|
|
||
|
# To avoid problems with Dialog and curses wizards
|
||
|
ENV DEBIAN_FRONTEND noninteractive
|
||
|
|
||
|
RUN apt-get update && \
|
||
|
apt-get -y --no-install-recommends install \
|
||
|
ca-certificates wireshark && \
|
||
|
rm -rf -- /var/lib/apt/lists
|
||
|
|
||
|
ENV USER user
|
||
|
ENV UID 1000
|
||
|
ENV HOME /home/$USER
|
||
|
|
||
|
ENV LC_ALL C.UTF-8
|
||
|
|
||
|
RUN useradd -u $UID -m -d $HOME -s /usr/sbin/nologin $USER
|
||
|
|
||
|
# Allow a non-privileged user to use the wireshark
|
||
|
# https://wiki.wireshark.org/CaptureSetup/CapturePrivileges
|
||
|
RUN setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap
|
||
|
|
||
|
USER $USER
|
||
|
WORKDIR $HOME
|
||
|
ENTRYPOINT [ "wireshark" ]
|
||
|
|
||
|
# Just an alternative way to start wireshark
|
||
|
# RUN echo "$USER ALL=NOPASSWD:SETENV:/usr/bin/wireshark" | tee /etc/sudoers.d/$USER
|
||
|
# ENTRYPOINT [ "sudo", "-E", "wireshark" ]
|
||
|
# xhost +; wireshark; xhost -
|