[CentOS] Unable open raw socket in CentOS 5 - SE Linux andkernelcapability interaction?

Sat Mar 8 12:33:44 UTC 2008
William L. Maltby <CentOS4Bill at triad.rr.com>

On Fri, 2008-03-07 at 16:48 -0500, S Roderick wrote:
> I was hoping that either via kernel capabilities or SE Linux that we  
> could avoid this. Both seem to offer exactly the feature we want,  
> opening raw sockets from unprivileged accounts. But it's really  
> unclear from all the doc's online how these two interact. Best we  
> could do was try all the examples and approaches we could find - none  
> worked.
> 
> I guess I can try trolling the kernel source ... ugh! ... to see if  
> your recollection is correct. I certainly hope there is another  
> option ...
> 
> Thanks
> S

I think Ross is right. At my last contract with IBM some years back, we
were doing some raw socket stuff. ISTR that we had no problems because
we were real root applications. IIRC, docs specified root privileges.

> <snip>

-- 
Bill