Newbie: where in system are packaged apps installed?

tl;dr: Cant find “wireshark” and "dumpcap in the filesystem so I can run with sudo.

So, sorry if I am coming at this sideways.

At prompting of others installed Clear Linux, and testing out. I’m not a deep linux/unix user, but been around awhile, know my way generally. I know that amoung other things, this distro has a division from others to keep the filesystem “cleaner”. (Bad expalnation, I know).

SO, as a first test, I used the built in software package to install wireshark. Shows up in the installed apps panel, and I can run through the GUI.

But where was installed in the file system? I need to run under sudo (for now), due to rights over the ethernet port. BUt I can t find in the file system.

When I run ps -aux I see “wireshark” (no path). I also see /app/bin/dumpcap. However, tryling to ls /app, or /app/bin comes up empty, so is “/app” some kind of virtual path?

Thanks! hope this made some sense!

Add your user to the wireshark group, which should be sufficient to use it.

Make sure you install the native wireshark bundle and not the 3rd party flatpak. dumpcap is in /usr/bin and part of the wireshark bundle.

sudo swupd bundle-add wireshark.

Yes, /app is a virtual path provided by flatpak. As @ahkok points out in his reply, please use the native bundle we provide instead.

The first time I went to install wireshark from the Software panel, there were 2 wireshark listings. one with the “blue fin Logo”, and another with a multi colored icon.

Which one should have I used? I’m assuming apps that appear in the software reporistory by default are “blessed”. SO why were there two, and how should I know in the furute which I should have avoided?

(right now, there is nothing in the panels at all ---- so Im gonna post about that seperately).

Ohhh… so I just found the browser based software store. And sure enough, there are both bundles as you described, and I saw in the appp-based listing.

So, again, if we shouldn’t use it, why is there a “flatpak” there that I shouldn’t use? Not trying to be difficult, genuinely confused. Is that gernerally true, or just a special case for wireshark?

Flatpak is a separate entity that provides its own collection of packages (Flathub). We provide access to that catalog as a convenience, and a supplement to what we directly provide via bundles, but we don’t control what’s available there. It turns out that there is a Flatpak for Wireshark.

I recommend using Flatpaks as a secondary to our native bundles, that is, only when our bundles don’t provide what you actually need.

Which is exactly why we added flatpak support - to provide packages that we likely can’t or won’t add. :slight_smile: