On Fri, 3 Jun 2016 at 06:56, Britton Kerin <britton.ke...@gmail.com> wrote:
> On my old debian system I could ping as a normal user. The ping > binary had the suid bit set. Now I get: > > $ ping www.google.com > ping: icmp open socket: Operation not permitted > 2 $ > > presumably because the bit isn't set. > > What's the right fix? I could setuid it but then if I understand > correctly it might get changed back by an upgrade. Does it use > capabilites or something? > > Thanks, > Britton > > Operation not permitted doesn't, contrary to appearances, automatically mean a permissions problem. I recently built a Linux From Scratch machine and at one point was getting that error when running ping as root. I'm now wracking my brains to remember what the cause was. Could you have a local firewall eg iptables that has accidentally blocked ALL outgoing traffic? I think you can get this error if ping cannot connect OUT of the box. Does it happen if you run ping as root? I've also seen this when the kernel didn't have all the right stuff compiled in, but that's not likely to be it if you are using a Debian kernel. Running strace on a ping attempt could diagnose that. So check if it happens when you are root. If it does, check your internal firewall (not your network's). If that is ok or switched off, try strace. Mark
