Re: Ping as normal user (Was: Why /usr/sbin is not in my root $PATH ?)

To: debian-user@lists.debian.org
Subject: Re: Ping as normal user (Was: Why /usr/sbin is not in my root $PATH ?)
From: Reco <recoverym4n@enotuniq.net>
Date: Thu, 30 May 2019 09:08:38 +0300
Message-id: <[🔎] E1hWEEx-0006lS-3E@enotuniq.net>
In-reply-to: <[🔎] 20190530024458.GA4569@bitfolk.com>
References: <[🔎] 20190527051232.svlvaxv7ikuye6ko@pine64> <[🔎] 20190529211851.jzfykd7v5pvc5hcf@emypeople.net> <[🔎] 20190529234650.GY4569@bitfolk.com> <[🔎] CAO1P-kBaOZVP0_YRtfKBtejstjeV8VPLNJ3dcCc07=C4=v4sig@mail.gmail.com> <[🔎] 20190530024458.GA4569@bitfolk.com>

	Hi.

On Thu, May 30, 2019 at 02:44:58AM +0000, Andy Smith wrote:
> So my question is, are installs done by debootstrap somehow losing
> the file capabilities? I ask because in this thread, one of the
> other people reporting a /bin/ping without the correct capabilities
> did their install through debootstrap.

Easy. You run debootstrap, set some --include options (which pull
libcap2-bin by dependency), and then you tar the whole resulting
filesystem.
tar never understood file capabilities, so they are lost in the process.

> If you've just done a debootstrap, what does getcap return for the
> /bin/ping that got installed?

I'm not Cindy (obviously), but I'm not lazy, so I just run debootstrap a
couple of times.

debootstrap --variant=minbase does not install iputils-ping at all.

debootstrap (no --variant) does install iputils-ping, but does not
install libcap2-bin. Hence iputils-ping postinst script simply sets
suid bit on /bin/ping as postinst cannot locate setcap.

Reco

Reply to:

Follow-Ups:
- Re: Ping as normal user (Was: Why /usr/sbin is not in my root $PATH ?)
  - From: Andy Smith <andy@strugglers.net>

References:
- Re: Why /usr/sbin is not in my root $PATH ?
  - From: Andrei POPESCU <andreimpopescu@gmail.com>
- Re: Ping as normal user (Was: Why /usr/sbin is not in my root $PATH ?)
  - From: Jason <electron@emypeople.net>
- Re: Ping as normal user (Was: Why /usr/sbin is not in my root $PATH ?)
  - From: Andy Smith <andy@strugglers.net>
- Re: Ping as normal user (Was: Why /usr/sbin is not in my root $PATH ?)
  - From: Cindy Sue Causey <butterflybytes@gmail.com>
- Re: Ping as normal user (Was: Why /usr/sbin is not in my root $PATH ?)
  - From: Andy Smith <andy@strugglers.net>

Prev by Date: Re: A couple things yet on stretch install, amd64 version
Next by Date: Re: Openvpn cli vs. Openvpn Networkmanager
Previous by thread: Re: Ping as normal user (Was: Why /usr/sbin is not in my root $PATH ?)
Next by thread: Re: Ping as normal user (Was: Why /usr/sbin is not in my root $PATH ?)
Index(es):
- Date
- Thread