Re: Who changes /bin/ping on my system ?
Second thoughts....
On 04/03/14 20:17, Scott Ferguson wrote:
> On 04/03/14 19:16, Tim Ruehsen wrote:
>> Hi,
>>
>> every now and than ping loses it's capabilities to be executed by a normal
>> user. Like here:
>> $ ping example.com
>> ping: icmp open socket: Operation not permitted
>>
<snipped>
>>
>> Now I reinstalled iputils-ping:
>> # apt-get --reinstall install iputils-ping
>> Reading package lists... Done
>> Building dependency tree
>> Reading state information... Done
>> 0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 0 not upgraded.
>> Need to get 0 B/56.3 kB of archives.
>> After this operation, 0 B of additional disk space will be used.
>> (Reading database ... 443041 files and directories currently installed.)
>> Preparing to unpack .../iputils-ping_3%3a20121221-5_amd64.deb ...
>> Unpacking iputils-ping (3:20121221-5) over (3:20121221-5) ...
>> Processing triggers for man-db (2.6.6-1) ...
>> Setting up iputils-ping (3:20121221-5) ...
>> Setcap worked! *Ping(6) is not suid!*
The above line, emphasis mine, is what prompted second thoughts.
Perhaps one of the changes between the version you are running and mine
is that ping is no longer meant to run suid?
Sorry I don't have access to a Sid box at the moment - perhaps someone
who has, and for whom ping is working could post the output of "getcap
`which ping`"??
I don't 'know' how this would be achieved, setcap is a clue, an iputils
group 'might' be another, you could check the changelog in the docs
directory.
Perhaps *if* setcap is used when working you'd see the following (or
similar)?
# getcap `which ping`
/usr/bin/ping = cap_net_raw+ep
>>
>> # ls -la /bin/ping
>> -rwxr-xr-x 1 root root 44080 01-02-14 22:18:43 /bin/ping
>
> $ ls -l `which ping`
> -rwsr-xr-x 1 root root 31104 Apr 13 2011 /bin/ping # different results
> and I don't get your error - ever.
>
> iputils-ping 3:20101006-1+b1 i386 (Wheezy with backports).
>
>>
<snipped>
Kind regards
Reply to: