Deploying Wireshark

joeyk
New Contributor II

Hi all,
I'd like to have this available in Self Service. When I try it the way I have some applications set up, it just drops the DMG contents into the "/" directory. The DMG for Wireshark contains additional packages for ChmodBPF, so do I need to add those packages individually to Jamf? Should I use Composer to group the .app and the ChmodBPF packages into one Package? Just curious on how others are doing it, and if you have a good way, I'd rather not recreate the wheel here.

TIA,
Joey

3 REPLIES 3

AdamCraig
Contributor III

I used composer to make a package of /Applications/Wireshark.dmg

usually .dmg installers cannot be added directly into jamf and work properly

dlondon
Contributor III

This is what I did back in January:

Install Wireshark on a test system

You will be dragging the app to /Applications

Get rid of com.apple.quaratine attribute and change ownership to root:wheel for Wireshark.app in terminal (recurse)

Also install the ChmodBPF.pkg that's included with the download DMG from Wireshark

Change the file /Library/Application Support/Wireshark/ChmodBPF/ChmodBPF

so that

g+rw

becomes

go+rw

test by restarting and checking local and domain accounts

When happy use JAMF Composer to make a custom installation package

Drag the Wireshark.app to the bottom area of the sidebar on the left of Composer

Then add the following as a Postinstall script

#!/bin/sh
## postinstall
pathToScript=$0
pathToPackage=$1
targetLocation=$2
targetVolume=$3

# The ChmodBPF installer writes to the following locations:
#/Library/LaunchDaemons/org.wireshark.ChmodBPF.plist. A launch daemon that adjusts permissions on the system’s packet capture devices (/dev/bpf*) when the system starts up.

#/Library/Application Support/Wireshark/ChmodBPF. A copy of the launch daemon property list, and the script that the launch daemon runs.

#The installer group named “access_bpf” is created. The user who opened the package is added to the group.

​/usr/sbin/installer -dumplog -verbose -pkg /Applications/Wireshark.app/Contents/Resources/Extras/Install ChmodBPF.pkg -target /

sed -i.backup 's/g+rw/go+rw/'  /Library/Application Support/Wireshark/ChmodBPF/ChmodBPF

# Uncomment the line below to add the wireshark executables to system path 

# /usr/sbin/installer -dumplog -verbose -pkg /Applications/Wireshark.app/Contents/Resources/Extras/Add Wireshark to the system path.pkg  -target /

exit 0      ## Success
exit 1      ## Failure

The above script will install ChmodBPF.pkg and modify ChmodBPF so that all users can access it

jmahlman
Valued Contributor

Thanks for the script @dlondon. As a note for anyone copying and pasting, there is an extra invisible char at the line

​/usr/sbin/installer -dumplog -verbose -pkg /Applications/Wireshark.app/Contents/Resources/Extras/Install ChmodBPF.pkg -target /

So just remove the leading whitespace before using.