Re: Ping as normal user (Was: Why /usr/sbin is not in my root $PATH ?)
Hi.
On Thu, May 30, 2019 at 02:44:58AM +0000, Andy Smith wrote:
> So my question is, are installs done by debootstrap somehow losing
> the file capabilities? I ask because in this thread, one of the
> other people reporting a /bin/ping without the correct capabilities
> did their install through debootstrap.
Easy. You run debootstrap, set some --include options (which pull
libcap2-bin by dependency), and then you tar the whole resulting
filesystem.
tar never understood file capabilities, so they are lost in the process.
> If you've just done a debootstrap, what does getcap return for the
> /bin/ping that got installed?
I'm not Cindy (obviously), but I'm not lazy, so I just run debootstrap a
couple of times.
debootstrap --variant=minbase does not install iputils-ping at all.
debootstrap (no --variant) does install iputils-ping, but does not
install libcap2-bin. Hence iputils-ping postinst script simply sets
suid bit on /bin/ping as postinst cannot locate setcap.
Reco
Reply to: