On AlmaLinux 9 the guide walks you through updating your system with dnf, then pulling Wireshark‑Qt from the AppStream repository—or switching to wireshark-cli if you prefer command line tools. It explains why adding yourself to the wireshark group is essential so you can capture traffic without root and shows how to verify the group exists before logging out to apply changes. After confirming your network interfaces with iw dev or ip link, launching Wireshark is a one‑liner; if it crashes you’ll be directed to reinstall the package to fetch any missing plugins. A concise troubleshooting table rounds off the tutorial, covering permission errors, interface visibility, and app crashes, leaving you ready to sniff packets with confidence.

How to Install Wireshark on AlmaLinux 9

If you’ve been hunting for a solid packet‑capture tool on AlmaLinux 9, you’re in the right spot. In this guide we’ll walk through installing Wireshark from the official repo, set it up so your regular user can sniff packets without a root shell, and show you how to dodge the usual pitfalls that trip people up.

What You’ll Learn

• How to pull Wireshark straight from AlmaLinux’s AppStream repository
• Why adding yourself to the wireshark group matters
• A quick sanity check to make sure your capture interface is ready
• One handy trick for debugging when Wireshark refuses to launch

Let’s get those packets flowing.

1. Update Your System First

sudo dnf update -y

Why bother? A fresh system guarantees you’re pulling the newest, most stable package build and keeps any lingering security patches in place. Skipping this step often leads to odd dependency errors that feel like a bad driver update.

2. Install Wireshark‑Qt (the GUI) or wireshark-cli

sudo dnf install -y wireshark-qt

If you only need the command‑line utilities, swap wireshark-qt for wireshark-cli. The GUI version is what most people want because it gives a visual interface and easy filter syntax.

3. Add Your User to the Wireshark Group

sudo usermod -aG wireshark $(whoami)

By default, only root can capture traffic on Linux. Adding yourself to the wireshark group lets you run captures without a sudo prompt. After adding the group membership, log out and back in (or reboot) so the new permissions take effect.

4. Verify the Group Exists

grep wireshark /etc/group

You should see something like:

wireshark:x:1001:

If it’s missing, you’ll need to create it manually or re‑install Wireshark.

5. Check Your Capture Interfaces

Open a terminal and run:

sudo iw dev

or just:

ip link

Make sure you know the name of the interface you plan to sniff (e.g., eth0 or enp2s0). Wireshark will list all interfaces in its GUI, but a quick check saves time when you’re troubleshooting later.

6. Launch Wireshark

wireshark &

If it crashes or refuses to start, try:

sudo dnf reinstall wireshark-qt

Sometimes the initial install pulls a broken plugin; re‑installing forces a clean fetch of all required libraries.

Real‑World Observation

I once saw a network admin on a freshly installed AlmaLinux 9 rack complain that Wireshark wouldn’t start, even though it was installed fine. The culprit? They hadn’t added their user to the wireshark group. After adding them with usermod -aG, the app launched like a champ.

Quick Troubleshooting Checklist

Symptom	Fix
“Permission denied” when capturing	Make sure you’re in the wireshark group and have re‑logged.
Wireshark says “No capture interfaces available”	Check that your network interface is up (ip link set eth0 up).
App crashes on launch	Reinstall: sudo dnf reinstall wireshark-qt

That’s the entire install process in a nutshell. Grab a cup of coffee, run these commands, and you’ll have a full packet‑capturing toolkit ready for whatever network mystery you want to solve.