[CentOS] Ping as regular user not allowed (CentOS Stream 8)

Fri Jan 21 13:17:15 UTC 2022
Johnny Hughes <johnny at centos.org>

On 1/21/22 05:01, Leon Fauster via CentOS wrote:
> Am 20.01.22 um 23:14 schrieb Johnny Hughes:
>> On 1/20/22 15:07, Johnny Hughes wrote:
>>> On 1/20/22 12:46, Johnny Hughes wrote:
>>>> On 1/19/22 08:44, Brian Stinson wrote:
>>>>> On Wed, Jan 19, 2022 at 8:33 AM Toralf Lund <toralf.lund at pgs.com> 
>>>>> wrote:
>>>>>>
>>>>>> Following some update or the other (I think) on my CentOS Stream 8
>>>>>> system, I'm no longer able to use ping as a regular user; I get
>>>>>>
>>>>>> $ ping www.centos.org
>>>>>> ping: socket: Operation not permitted
>>>>>>
>>>>>> Does anyone else see this? It it a bug, or were the system/default
>>>>>> permissions deliberately changed? Can anyone suggest a 
>>>>>> fix/workaround?
>>>>>> Actually, I can find several different ones via a simple web 
>>>>>> search, but
>>>>>> they are generally related to other distributions, I'm not quite sure
>>>>>> which would be the most appropriate for CentOS...
>>>>>>
>>>>>> Thanks.
>>>>>>
>>>>>> - Toralf
>>>>>>
>>>>>> _______________________________________________
>>>>>> CentOS mailing list
>>>>>> CentOS at centos.org
>>>>>> https://lists.centos.org/mailman/listinfo/centos
>>>>>>
>>>>>
>>>>> Folks interested in this issue can watch this bugzilla:
>>>>> https://bugzilla.redhat.com/show_bug.cgi?id=2037807
>>>>>
>>>>> We're waiting for systemd-239-55.el8 sources to show up after which we
>>>>> will build this and publish to CentOS Stream. Right now this appears
>>>>> to be an infrastructure issue and the appropriate folks are working on
>>>>> that, but we also want this package to pass the proper checks before
>>>>> we build.
>>>>
>>>> I am doing a compose with this version of systemd in it right now. 
>>>> Should be released later today.
>>>> _______________________________________________
>>>
>>> OK .. I am currently releasing an 8-stream compose with 
>>> systemd-239-55.el8 .. but it does not fix this unpriv ping issue.
>>>
>>> I checked internally and it is also a problem on the rhel build for 
>>> this systemd version, so not an issue introduced by the CentOS Stream 
>>> build.
>>>
>>> This  version of systemd should be available in a couple hours on 
>>> mirror.centos.org.
>>>
>>
>> OK .. to fix this issue until we get a build that fixes it:
>>
>> Edit /usr/lib/sysctl.d/50-default.conf
>>
>> take out the minus sign (-) in this line:
>>
>> -net.ipv4.ping_group_range = 0 2147483647
>>
> 
> 
> Is this "minus" a typo? I guess ...
> 
> While yum update i get:
> 
> Couldn't write '0 2147483647' to '-net/ipv4/ping_group_range', ignoring: 
> No such file or directory

I do not know if it is a typo or not (maybe a functionality I don't know 
about) .. but if I remove the dash and save the file, everything works 
as expected.

It is the only option in that file with a dash.