I knew Linux had capability bits, but I had never used them until a friend figured out a way to run Wireshark as a normal user and still capture packets. For a Network Engineer, this is really handy. I think distributions should make this standard.
    sudo groupadd wireshark
    sudo usermod -a -G wireshark YOUR_USER_NAME
    sudo chgrp wireshark /usr/bin/dumpcap
    sudo chmod 750 /usr/bin/dumpcap
    sudo setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap
    sudo getcap /usr/bin/dumpcap
The shell snippet is really trimmed down. For more details, check out tavshed’s blog post.
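To confirm that dumpcap ended up in the state the commands above are meant to produce (group wireshark, mode 750, only cap_net_raw and cap_net_admin with eip), the following audit function is an added example, not part of the original post. The function name audit_dumpcap is hypothetical, and it accepts both getcap output styles ("PATH = caps+eip" and "PATH caps=eip").

```sh
#!/bin/sh
# Audit the state the page's commands leave on dumpcap.
# Usage on a live system (GNU stat):
#   audit_dumpcap "$(stat -c %a /usr/bin/dumpcap)" \
#                 "$(stat -c %G /usr/bin/dumpcap)" \
#                 "$(getcap /usr/bin/dumpcap)"
audit_dumpcap() {
    mode=$1; group=$2; line=$3; rc=0
    # Mode 750: the last octal digit (other) must be 0, otherwise any local
    # user can run a binary that carries packet-capture privileges.
    case $mode in
        *0) ;;
        *)  echo "FAIL: mode $mode grants access outside the group"; rc=1 ;;
    esac
    # A 4-digit mode starting with 4-7 has setuid set, which capabilities replace.
    case $mode in
        [4-7]???) echo "FAIL: mode $mode has the setuid bit"; rc=1 ;;
    esac
    [ "$group" = wireshark ] || { echo "FAIL: group is '$group'"; rc=1; }

    # getcap prints "PATH = caps+eip" (older libcap) or "PATH caps=eip" (newer).
    # Assumes a single clause, as produced by the setcap call on the page.
    spec=${line##* }
    case $spec in
        *[+=]*) names=${spec%[+=]*}; flags=${spec##*[+=]} ;;
        *)      names=; flags= ;;
    esac
    [ "$flags" = eip ] || { echo "FAIL: flags '$flags', expected eip"; rc=1; }

    have_raw=0; have_admin=0
    old_ifs=$IFS; IFS=,
    for cap in $names; do
        case $cap in
            cap_net_raw)   have_raw=1 ;;
            cap_net_admin) have_admin=1 ;;
            *) echo "FAIL: unexpected capability $cap"; rc=1 ;;
        esac
    done
    IFS=$old_ifs
    [ "$have_raw" = 1 ] && [ "$have_admin" = 1 ] ||
        { echo "FAIL: cap_net_raw and cap_net_admin must both be set"; rc=1; }
    [ "$rc" = 0 ] && echo "OK: dumpcap matches the expected setup"
    return "$rc"
}

# Constructed sample inputs, not output captured from a real host.
audit_dumpcap 750 wireshark "/usr/bin/dumpcap cap_net_admin,cap_net_raw=eip" || true
audit_dumpcap 755 root "/usr/bin/dumpcap = cap_net_admin,cap_net_raw,cap_sys_admin+eip" || true
```

Package upgrades that replace /usr/bin/dumpcap drop the file capabilities, so this check is worth rerunning after an update.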