Re: F15 ping must run as root?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 03/14/2011 01:49 PM, Jon Stanley wrote:
> On Mon, Mar 14, 2011 at 7:40 AM, Joachim Backes
> <joachim.backes@xxxxxxxxxxxxxx>  wrote:
>
>> I saw that in F15 ping must be started with root rights, otherwhise I get:
>>
>> ping: icmp open socket: Operation not permitted
>
> Ping has *always* needed root privs, it generally gets them by being
> suid root. Don't have an F15 box here handy to look, but I'm
> suspecting that either it somehow isn't suid root, or something else
> is preventing suid from working (no suid mount option? SELinux?)

In F15, capabilities are used instead of suid root (see 
http://fedoraproject.org/wiki/Features/RemoveSETUID):

[pmatilai@turre ~]$ ls -l /bin/ping
-rwxr-xr-x. 1 root root 40840 Feb  9 18:00 /bin/ping
[pmatilai@turre ~]$ getcap /bin/ping
/bin/ping = cap_net_raw+ep

As for the actual problem: are you using a custom-built kernel? That's 
one possible reason for lacking capability support.

	- Panu -
-- 
test mailing list
test@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe: 
https://admin.fedoraproject.org/mailman/listinfo/test


[Index of Archives]     [Fedora Desktop]     [Fedora SELinux]     [Photo Sharing]     [Yosemite Forum]     [KDE Users]

  Powered by Linux