[CentOS] Ping as regular user not allowed (CentOS Stream 8)

Fri Jan 21 06:54:06 UTC 2022
Gordon Messmer <gordon.messmer at gmail.com>

On 1/20/22 03:13, Simon Matter wrote:
> But seriously, this should be a warning how dangerous even the smallest
> bug in systemd can be. In this case it's absolutely harmless but it shows
> once more how domineering systemd has become in the Linux ecosystem.
>
> A bit frightening for me.


I don't think that's particularly justified.  A change was made to 
remove the capability from the file and instead set a kernel parameter 
that allows users to ping based on their GID, in order to allow ping to 
work from rootless containers.  Systemd's only involvement here is that 
it loads sysctls when the system boots, and those sysctl files are 
bundled in its RPM.

https://fedoraproject.org/wiki/Changes/EnableSysctlPingGroupRange
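
Added example, not part of the original message: a shell check of whether a GID falls inside the range that the linked Fedora change configures through the net.ipv4.ping_group_range sysctl, plus a report for the current user. The function names ping_gid_allowed and ping_report are hypothetical, and the ranges in the comments are the kernel default and the value from the Fedora change page.

```shell
#!/bin/sh
# net.ipv4.ping_group_range holds "low high" (inclusive). GIDs inside the
# range may open unprivileged ICMP datagram sockets, so ping needs neither
# setuid root nor a file capability. The kernel default "1 0" (low > high)
# matches no group; the Fedora change sets "0 2147483647".

# ping_gid_allowed "<low> <high>" <gid>
# returns 0 = allowed, 1 = not allowed, 2 = malformed input
ping_gid_allowed() {
    range=$1
    gid=$2
    set -- $range                      # split on blanks/tabs, as in /proc
    [ $# -eq 2 ] || return 2
    low=$1
    high=$2
    for v in "$low" "$high" "$gid"; do
        case $v in ''|*[!0-9]*) return 2 ;; esac
    done
    [ "$low" -le "$high" ] || return 1  # empty range such as "1 0"
    [ "$gid" -ge "$low" ] && [ "$gid" -le "$high" ]
}

# ping_report: test every group of the calling user against the live sysctl
ping_report() {
    f=/proc/sys/net/ipv4/ping_group_range
    [ -r "$f" ] || { echo "cannot read $f"; return 2; }
    live=$(cat "$f")
    # Show whether the ping binary still carries a file capability
    if command -v getcap >/dev/null 2>&1 && command -v ping >/dev/null 2>&1; then
        echo "file capabilities: $(getcap "$(command -v ping)")"
    fi
    for g in $(id -G); do
        if ping_gid_allowed "$live" "$g"; then
            echo "gid $g is inside ping_group_range ($live)"
            return 0
        fi
    done
    echo "no group of $(id -un) is inside ping_group_range ($live)"
    return 1
}

if [ "${1:-}" = "--report" ]; then
    ping_report
fi
```

Run with --report on the affected host; a result of "no group ... is inside" together with an empty getcap line matches the symptom in the subject line.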