bug-inetutils
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: please test inetutils 1.9.5 rc1


From: Simon Josefsson
Subject: Re: please test inetutils 1.9.5 rc1
Date: Wed, 01 Jan 2020 18:45:33 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/26.1 (gnu/linux)

Simon Josefsson <address@hidden> writes:

> I noticed Guix installs ping and ping6 from inetutils with the setuid
> bit enabled.  There is new support for non-setuid usage in this release,
> however I was not able to get it to work.  Comparing with iputils' ping
> it looks like what we have might not be sufficient, but I can't tell for
> sure.

I was able to get non-root inetutils-ping to work like this:

jas@latte:~/src/inetutils/ping$ sudo setcap cap_net_raw+ep ping
jas@latte:~/src/inetutils/ping$ ./ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2): 56 data bytes
64 bytes from 192.168.1.2: icmp_seq=0 ttl=64 time=0,432 ms
64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=0,479 ms

Would this level of support allow guix to make ping/ping6 non-setuid?

Debian ships with ping/ping6 from 'iputils' which appears to be
maintained.  It does a lot more with libcap-capabilities than Inetutils
does, I wonder if there is anything there that is useful to borrow.

/Simon

[1] https://github.com/iputils/iputils

Attachment: signature.asc
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]