How to install tshark on Docker?
apt install tshark, there is a following prompt.
The prompt stopping install despite I typed
How to install tshark in Dockerfile?
Dumpcap can be installed in a way that allows members of the "wireshark" system group to capture packets. This is recommended over the alternative of running Wireshark/Tshark directly as root, because less of the code will run with elevated privileges. For more detailed information please see /usr/share/doc/wireshark-common/README.Debian. Enabling this feature may be a security risk, so it is disabled by default. If in doubt, it is suggested to leave it disabled. Should non-superusers be able to capture packets? [yes/no] yes
One Solution collect form web for “How to install tshark on Docker?”
First, you generally have (to avoid having to type ‘yes’):
RUN apt install -yq xxx
- you can check out this tshark image, which does install dumcap; by compiling wireshark, which produced dumpcap.
- the alternative (no compilation, only install) is this image
The install command becomes in that last case:
# Install build wireshark, need to run as root RUN apt-get update && \ apt-get install -y wireshark && \ groupadd wireshark && \ usermod -aG wireshark developer && \ setcap 'CAP_NET_RAW+eip CAP_NET_ADMIN+eip' /usr/bin/dumpcap && \ chgrp wireshark /usr/bin/dumpcap && \ chmod 750 /usr/bin/dumpcap