Re: make ping executable by normal users?
On Tue 07 Jun 2016 at 14:56:11 (-0800), Britton Kerin wrote:
> On Thu, Jun 2, 2016 at 2:33 PM, Santiago Vila <sanvila@unex.es> wrote:
> > On Thu, Jun 02, 2016 at 01:56:08PM -0800, Britton Kerin wrote:
> >> On my old debian system I could ping as a normal user. The ping
> >> binary had the suid bit set. Now I get:
> >>
> >> $ ping www.google.com
> >> ping: icmp open socket: Operation not permitted
> >> 2 $
> >>
> >> presumably because the bit isn't set.
> >>
> >> What's the right fix? I could setuid it but then if I understand
> >> correctly it might get changed back by an upgrade. Does it use
> >> capabilites or something?
> >
> > Yes, it uses capabilities. The simple fix is to do this:
> >
> > dpkg-reconfigure iputils-ping
>
> Well, that works, thanks. But I really don't get the overall behavior.
> It says this:
>
> root@debian:/home/bkerin# dpkg-reconfigure iputils-ping
> Setcap worked! Ping(6) is not suid!
> root@debian:/home/bkerin#
>
> And then ping works for non-root users.
>
> How, just by executing dpkg-reconfigure, did I tell it this is what
> I wanted? If that's the default, why wasn't it that way to begin with?
dpkg-reconfigure runs /var/lib/dpkg/info/foo.postinst for package foo,
so take a look and you'll see the possibilities.
I've no idea how your ping missed the process, unless it's been copied
incorrectly at some point (though one might expect more problems than
just ping in that case).
> More generally, is it somehow possible to still run debian without
> capabilities? I hate them. The simple root-or-not security model
> is much simpler and doesn't promise more than it can really
> deliver. I'm sad to see capabilities now as the default.
No idea. I'm convinced, rightly or wrongly, by the added fine-grain
security provided by capabilities.
Cheers,
David.
Reply to: