http://bugzilla.ubuntu.com/show_bug.cgi?id=13558
sudo ethereal can't start as it tries to set capabilties and can't. even when running as root.
tcpdump is fine and ethereal can read tcpdump files when invoked by jp
[jp@cavan]# sudo su -
root@cavan:~ # strace ethereal
-------------8<--------------
munmap(0xb7150000, 73562) = 0
set_tid_address(0xb6831968) = 16118
rt_sigaction(SIGRTMIN, {0xb69c73d0, [], SA_SIGINFO}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0xb69c7450, [], SA_RESTART|SA_SIGINFO}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
_sysctl({{CTL_KERN, KERN_VERSION, 0, 20d91, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}, 2, 0xbfbc392c, 31, (nil), 0}) = 0
brk(0) = 0x8184000
brk(0x81a5000) = 0x81a5000
uname({sys="Linux", node="cavan", ...}) = 0
capget(0x19980330, 0,
{CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_ADMIN|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_MODULE|CAP_SYS_RAWIO|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_PACCT|CAP_SYS_ADMIN|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TIME|CAP_SYS_TTY_CONFIG|0xf8000000,
CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_SETPCAP|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_ADMIN|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_MODULE|CAP_SYS_RAWIO|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_PACCT|CAP_SYS_ADMIN|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TIME|CAP_SYS_TTY_CONFIG|0xf8000000,
0}) = 0
capset(0x19980330, 0, {CAP_DAC_READ_SEARCH|CAP_NET_RAW,
CAP_DAC_READ_SEARCH|CAP_NET_RAW, 0}) = -1 EPERM (Operation not permitted)
write(2, "Could not set capabilities: Oper"..., 52Could not set capabilities:
Operation not permitted
) = 52
exit_group(1) = ?
Reported by <email address hidden> too.