Re: must be root to ping?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Sat, Jul 14, 2012 at 5:45 PM, David Benfell
<benfell@xxxxxxxxxxxxxxxxx> wrote:
> Did I miss something? I now have to use sudo in order to ping:
>
> graton% ping 10.1.0.1
> ping: icmp open socket: Operation not permitted

Crafting ICMP packets requires root privileges, yes. (I vaguely
remember Linux adding a separate socket type[0][1] for ICMP, but
apparently it's not being used by `ping` yet.)

`/usr/bin/ping` and `ping6` must be either setuid-root (chmod u+s) or
have the CAP_NET_RAW capability (setcap cap_net_raw+ep). The Arch
`iputils` package normally runs `setcap` in its post-install
script[2].

[0]: http://lwn.net/Articles/420799/
[1]: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=c319b4d7
[2]: https://projects.archlinux.org/svntogit/packages.git/tree/trunk/iputils.install?h=packages/iputils

-- 
Mantas Mikulėnas


[Index of Archives]     [Linux Wireless]     [Linux Kernel]     [ATH6KL]     [Linux Bluetooth]     [Linux Netdev]     [Kernel Newbies]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux ATA RAID]     [Samba]     [Device Mapper]
  Powered by Linux