Mailinglist Archive: opensuse (1352 mails)

< Previous Next >
Re: [opensuse] Friday quiz - ping: socket: Operation not permitted
  • From: Per Jessen <per@xxxxxxxxxxxx>
  • Date: Fri, 01 Jun 2018 19:38:29 +0200
  • Message-id: <pes0al$e87$1@saturn.local.net>
Carlos E. R. wrote:

On 2018-06-01 15:36, Andrei Borzenkov wrote:
On Fri, Jun 1, 2018 at 4:33 PM, Per Jessen <per@xxxxxxxxxxxx> wrote:
Andrei Borzenkov wrote:

On Fri, Jun 1, 2018 at 4:28 PM, Per Jessen <per@xxxxxxxxxxxx>
wrote:

Andrei Borzenkov wrote:

On Fri, Jun 1, 2018 at 3:34 PM, Per Jessen <per@xxxxxxxxxxxx>
wrote:

I would expect ping to be setuid, yes.


Why? None of default permissions file shipped with openSUSE makes
ping SUID root.


Doesn't ping need a raw socket to do an ICMP?


That's exactly what capability cap_net_raw allows.


Ah right. So when file capabilities don't work on NFS, I'd have to
make it setuid or use it as root?


Exactly.


I'm interested, I don't know what these "capabilities" are.

Recently I wrote an utility for myself that needs to ping the router,
and fails unless it is run as root. Is there some other way, then?

man capabilities.

https://www.insecure.ws/linux/getcap_setcap.html#setting-getting-capabilities-from-userland


--
Per Jessen, Zürich (19.0°C)
http://www.hostsuisse.com/ - dedicated server rental in Switzerland.


--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups