On 20/01/2022 17:48, Robert Nichols wrote: > On 1/20/22 10:32 AM, Fabian Arrotin wrote: >> On 19/01/2022 15:32, Toralf Lund wrote: >>> Following some update or the other (I think) on my CentOS Stream 8 >>> system, I'm no longer able to use ping as a regular user; I get >>> >>> $ ping >>> https://eur04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.centos.org%2F&data=04%7C01%7Ctoralf.lund%40pgs.com%7C07eb6f60244843e98f7908d9dc34b549%7C51d05d6147e9480b93b298dc84f1ed06%7C0%7C0%7C637782942100118038%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=Fh6MVkDnXLWQl9ArUjqZQcfRfTwZG2bBWrQSNVmtsDo%3D&reserved=0 >>> ping: socket: Operation not permitted >>> >>> Does anyone else see this? It it a bug, or were the system/default >>> permissions deliberately changed? Can anyone suggest a >>> fix/workaround? Actually, I can find several different ones via a >>> simple web search, but they are generally related to other >>> distributions, I'm not quite sure which would be the most >>> appropriate for CentOS... >>> >>> Thanks. >>> >>> - Toralf >>> >> >> "sudo dnf downgrade iputils" should do it for now >> >> it works when you're back on iputils-20180629-7.el8.x86_64 > > And then add: > excludepkgs=iputils-20180629-8.el8.x86_64 > in the [baseos] section of /etc/yum/repos.d/CentOS-Stream-BaseOS.repo > Right. After downgrading, I have $ rpm -q --queryformat '[%{FILENAMES} %{FILECAPS}\n]' iputils | grep /usr/bin/ping /usr/bin/ping = cap_net_admin,cap_net_raw+p I guess this is what was changed in the new version? (Didn't check before downgrading, to lazy to switch back to do it.) What I don't quite understand is why the updated iputils was released before the systemd/kernel changes others mention... - Toralf