[CentOS] Ping as regular user not allowed (CentOS Stream 8)

Fri Jan 21 06:54:06 UTC 2022
Gordon Messmer <gordon.messmer at gmail.com>

On 1/20/22 03:13, Simon Matter wrote:
> But seriously, this should be a warning how dangerous even the smallest
> bug in systemd can be. In this case it's absolutely harmless but it shows
> once more how domineering systemd became to be in the Linux ecosystem.
> A bit frightening for me.

I don't think that's particularly justified.  A change was made to 
remove the capability from the file and instead set a kernel parameter 
that allows users to ping based on their GID, in order to allow ping to 
work from rootless containers.  Systemd's only involvement here is that 
it loads sysctls when the system boots, and those sysctl files are 
bundled in its RPM.