On Fri, Oct 7, 2016 at 7:14 PM, Guy Harris <guy@xxxxxxxxxxxx> wrote:
> On Oct 7, 2016, at 4:03 PM, Gerald Combs <gerald@xxxxxxxxxxxxx> wrote:
>
>> On 10/7/16 7:45 AM, Evan Huus wrote:
>>> Hey all, recently upgrade my mac to Sierra and tried to revive my
>>> wireshark build environment. I got it compiling (out-of-tree cmake)
>>> and most of the tools (tshark) etc seem to work, but:
>>>
>>> $ ./run/wireshark
>>> Listening on en0
>>> 155 packets seen, 155 packets counted after pcap_dispatch returns
>>> ...
>>>
>>> No UI ever opens. I have Qt5 installed, and I checked my
>>> CmakeCache.txt and it is detected and building the UI module
>>> (BUILD_wireshark:BOOL=ON). The other weird part is:
>>>
>>> $ ./run/wireshark -h
>>> Usage: Wireshark [ -mn ] [ -i interface ] [ -t timeout] [expression]
>>>
>>> That's *all* it outputs. I have to assume that some other binary is
>>> being linked on top of the wireshark binary (tshark et al seem
>>> unaffected) but I don't recognize that option set.
>>>
>>> Any ideas? Has anybody seen this before?
>>
>> Weird. ./run/wireshark should be a shell script generated by CMakeLists.txt
>> that execs run/Wireshark.app/Contents/MacOS/Wireshark.
>
> ...and that's not Wireshark's "invalid command-line argument" error message.
>
> So what does "file run/wireshark" print?
>
> And if it's a shell script, what does it contain?
`run/wireshark` is a shell script pointing to
`./run/Wireshark.app/Contents/MacOS/Wireshark` the way it should. That
file is a Mach-O 64-bit executable x86_64. Running that file directly
has the same issues, so I suppose something is overwriting it or
mis-linking it or something.
