Scribd Logo
Upload

Welcome to Scribd!

  • Read Me First

    Uploaded by

    Nathan Russell
    8 views2 pages
    The Wireshark installer writes files to several locations on the system, including /Applications, /Library, and /usr/local/bin. It also creates an access_bpf group and adds the installing user. To uninstall, the user removes files and folders in those locations, removes the launchd job and group, and deletes entries added to /etc/paths.d and /etc/manpaths.d. The Wireshark wrapper script looks in several default paths and the WIRESHARK_APP_DIR variable to locate Wireshark.app if it is moved.

    Original Description:

    read me

    Copyright

    © © All Rights Reserved

    Available Formats

    RTF, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The Wireshark installer writes files to several locations on the system, including /Applications, /Library, and /usr/local/bin. It also creates an access_bpf group and adds the installing user. To uninstall, the user removes files and folders in those locations, removes the launchd job and group, and deletes entries added to /etc/paths.d and /etc/manpaths.d. The Wireshark wrapper script looks in several default paths and the WIRESHARK_APP_DIR variable to locate Wireshark.app if it is moved.

    Copyright:

    © All Rights Reserved
    Download as RTF, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    8 views2 pages

    Read Me First

    Uploaded by

    Nathan Russell
    The Wireshark installer writes files to several locations on the system, including /Applications, /Library, and /usr/local/bin. It also creates an access_bpf group and adds the installing user. To uninstall, the user removes files and folders in those locations, removes the launchd job and group, and deletes entries added to /etc/paths.d and /etc/manpaths.d. The Wireshark wrapper script looks in several default paths and the WIRESHARK_APP_DIR variable to locate Wireshark.app if it is moved.

    Copyright:

    © All Rights Reserved
    Download as RTF, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    Before You Begin

    This release of Wireshark requires macOS 10.12 or later. If you are


    running an earlier version of macOS you can install using another
    packaging system such as Homebrew or MacPorts.

    Quick Setup

    1. Simply double-click the Wireshark package. For details about the


    installation read below.

    What changes does the installer make?

    The installer writes to the following locations:

    • /Applications/Wireshark.app. The main Wireshark application.


    • /Library/LaunchDaemons/org.wireshark.ChmodBPF.plist . A launch
    daemon that adjusts permissions on the system's packet capture
    devices (/dev/bpf*) when the system starts up.
    • /Library/Application Support/Wireshark/ChmodBPF A copy of the
    launch daemon property list, and the script that the launch
    daemon runs.
    • /usr/local/bin. A wrapper script and symbolic links which will let you
    run Wireshark and its associated utilities from the command line.
    You can access them directly or by adding /usr/local/bin to your
    PATH if it's not already in your PATH.
    • /etc/paths.d/Wireshark. The folder name in this file is automatically
    added to PATH
    • /etc/manpaths.d/Wireshark. The folder name in this file is used by the
    man command.

    Additionally a group namedaccess_bpf is created. The user who


    opened the package is added to the group.

    How do I uninstall?

    1. Remove/Applications/Wireshark.app
    2. Remove/Library/Application Support/Wireshark
    3. Remove the wrapper scripts from/usr/local/bin
    4. Unload theorg.wireshark.ChmodBPF.plist launchd job
    5. Remove/Library/LaunchDaemons/org.wireshark.ChmodBPF.plist
    6. Remove theaccess_bpf group.
    7. Remove /etc/paths.d/Wireshark
    8. Remove /etc/manpaths.d/Wireshark

    How does the wrapper script work? What if I move Wireshark.app?

    The script should find the Wireshark application bundle and run the
    appropriate executable automatically. It looks for Wireshark.app in the
    following locations:

    • The path set in the WIRESHARK_APP_DIR environment variable


    • /Applications/Wireshark.app
    • The first path returned bymdfind "kMDItemCFBundleIdentifier ==
    'org.wireshark.Wireshark'"

    If you move Wireshark.app the script should automatically find it. If it


    doesn't you will have to set WIRESHARK_APP_DIR to the path to (and
    including) Wireshark.app. Automatic discovery might fail if you have
    multiple copies of Wireshark installed on your system or if Spotlight
    indexing isn't working properly.

    You might also like