Your message dated Wed, 9 Sep 2020 18:43:24 +0200
with message-id <[email protected]>
and subject line Re: firejail: ping (IPv4 and IPv6) reports duplicate responses
when running multiple pings from same user
has caused the Debian Bug report #896989,
regarding firejail: ping (IPv4 and IPv6) reports duplicate responses when
running multiple pings from same user
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
896989: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=896989
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: firejail
Version: 0.9.52-2
Severity: normal
If I do have two instances of ping running from same user, even to different
target addresses,
both ping instances will receive all responses, even the ones not destined to
them.
I belive this is because with firejail different type of socket is used,
and ping is running not as root/setuid. And ping reports all responses.
# Instance 1:
$ ping 8.8.8.8 -n
...
64 bytes from 8.8.8.8: icmp_seq=134 ttl=57 time=0.759 ms
64 bytes from 8.8.8.8: icmp_seq=135 ttl=57 time=0.644 ms
64 bytes from 216.58.205.110: icmp_seq=1 ttl=55 time=4.42 ms (DUP!)
64 bytes from 8.8.8.8: icmp_seq=136 ttl=57 time=0.644 ms
64 bytes from 216.58.205.110: icmp_seq=2 ttl=55 time=4.39 ms (DUP!)
64 bytes from 8.8.8.8: icmp_seq=137 ttl=57 time=0.868 ms
64 bytes from 216.58.205.110: icmp_seq=3 ttl=55 time=4.52 ms (DUP!)
64 bytes from 8.8.8.8: icmp_seq=138 ttl=57 time=0.695 ms
...
# Instance 2:
$ ping -4 google.com
PING GOOgle.com (216.58.205.110) 56(84) bytes of data.
64 bytes from mil04s26-in-f110.1e100.net (216.58.205.110): icmp_seq=1 ttl=55
time=4.42 ms
64 bytes from google-public-dns-a.google.com (8.8.8.8): icmp_seq=136 ttl=57
time=0.644 ms
64 bytes from mil04s26-in-f14.1e100.net (216.58.205.110): icmp_seq=2 ttl=55
time=4.39 ms
64 bytes from google-public-dns-a.google.com (8.8.8.8): icmp_seq=137 ttl=57
time=0.868 ms
64 bytes from mil04s26-in-f110.1e100.net (216.58.205.110): icmp_seq=3 ttl=55
time=4.52 ms
...
This happens even if I run ping from root (as it will use /usr/local/bin/ping).
If I use /bin/ping everything works fine.
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.15.0-3-amd64 (SMP w/12 CPU cores)
Locale: LANG=pl_PL.utf8, LC_CTYPE=pl_PL.utf8 (charmap=UTF-8),
LANGUAGE=pl_PL.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages firejail depends on:
ii libapparmor1 2.12-4
ii libc6 2.27-3
Versions of packages firejail recommends:
ii firejail-profiles 0.9.52-2
ii iptables 1.6.2-1
ii xauth 1:1.0.10-1
ii xserver-xephyr 2:1.19.99.901-1
firejail suggests no packages.
-- Configuration Files:
/etc/firejail/disable-programs.inc changed [not included]
-- no debconf information
--- End Message ---
--- Begin Message ---
Control: notfound -1 0.9.52-2
Hi,
I can no longer reproduce the issue with firejail.
Not even with the originally reported version.
I guess this has been fixed somewhere else, maybe in the kernel.
Therefore I'm closing this bug now.
Kind regards,
Reiner
signature.asc
Description: PGP signature
--- End Message ---
