[arch-general] must be root to ping?
Mantas Mikulėnas
grawity at gmail.com
Sat Jul 14 11:07:06 EDT 2012
On Sat, Jul 14, 2012 at 5:45 PM, David Benfell
<benfell at parts-unknown.org> wrote:
> Did I miss something? I now have to use sudo in order to ping:
>
> graton% ping 10.1.0.1
> ping: icmp open socket: Operation not permitted
Crafting ICMP packets requires root privileges, yes. (I vaguely
remember Linux adding a separate socket type[0][1] for ICMP, but
apparently it's not being used by `ping` yet.)
`/usr/bin/ping` and `ping6` must be either setuid-root (chmod u+s) or
have the CAP_NET_RAW capability (setcap cap_net_raw+ep). The Arch
`iputils` package normally runs `setcap` in its post-install
script[2].
[0]: http://lwn.net/Articles/420799/
[1]: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=c319b4d7
[2]: https://projects.archlinux.org/svntogit/packages.git/tree/trunk/iputils.install?h=packages/iputils
--
Mantas Mikulėnas
More information about the arch-general
mailing list