On 21/01/2022 15:23, Johnny Hughes wrote: > On 1/21/22 07:53, Johnny Hughes wrote: >> On 1/21/22 07:17, Johnny Hughes wrote: >>> On 1/21/22 05:01, Leon Fauster via CentOS wrote: >>>> Am 20.01.22 um 23:14 schrieb Johnny Hughes: >>>>> On 1/20/22 15:07, Johnny Hughes wrote: >>>>>> On 1/20/22 12:46, Johnny Hughes wrote: >>>>>>> On 1/19/22 08:44, Brian Stinson wrote: >>>>>>>> On Wed, Jan 19, 2022 at 8:33 AM Toralf Lund >>>>>>>> <toralf.lund at pgs.com> wrote: >>>>>>>>> >>>>>>>>> Following some update or the other (I think) on my CentOS >>>>>>>>> Stream 8 >>>>>>>>> system, I'm no longer able to use ping as a regular user; I get >>>>>>>>> >>>>>>>>> $ ping >>>>>>>>> https://eur04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.centos.org%2F&data=04%7C01%7Ctoralf.lund%40pgs.com%7C713021a8ffd245d07c2408d9dce99575%7C51d05d6147e9480b93b298dc84f1ed06%7C0%7C0%7C637783718111185241%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=R2YZ8lVdkjaXenlaFn6wdRPu9fRgERWl2EaEHMApPCc%3D&reserved=0 >>>>>>>>> ping: socket: Operation not permitted >>>>>>>>> >>>>>>>>> Does anyone else see this? It it a bug, or were the >>>>>>>>> system/default >>>>>>>>> permissions deliberately changed? Can anyone suggest a >>>>>>>>> fix/workaround? >>>>>>>>> Actually, I can find several different ones via a simple web >>>>>>>>> search, but >>>>>>>>> they are generally related to other distributions, I'm not >>>>>>>>> quite sure >>>>>>>>> which would be the most appropriate for CentOS... >>>>>>>>> >>>>>>>>> Thanks. >>>>>>>>> >>>>>>>>> - Toralf >>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> CentOS mailing list >>>>>>>>> CentOS at centos.org >>>>>>>>> https://eur04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.centos.org%2Fmailman%2Flistinfo%2Fcentos&data=04%7C01%7Ctoralf.lund%40pgs.com%7C713021a8ffd245d07c2408d9dce99575%7C51d05d6147e9480b93b298dc84f1ed06%7C0%7C0%7C637783718111185241%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=IgK2cSA5ll92eVC1M1Iq695oaRrZoBWsBaoP4ml9aW4%3D&reserved=0 >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> Folks interested in this issue can watch this bugzilla: >>>>>>>> https://eur04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.redhat.com%2Fshow_bug.cgi%3Fid%3D2037807&data=04%7C01%7Ctoralf.lund%40pgs.com%7C713021a8ffd245d07c2408d9dce99575%7C51d05d6147e9480b93b298dc84f1ed06%7C0%7C0%7C637783718111185241%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=p2Ym5q6fUiNWSCjBEZbI1l3nf005mRy7aZ27jMlggUU%3D&reserved=0 >>>>>>>> >>>>>>>> >>>>>>>> We're waiting for systemd-239-55.el8 sources to show up after >>>>>>>> which we >>>>>>>> will build this and publish to CentOS Stream. Right now this >>>>>>>> appears >>>>>>>> to be an infrastructure issue and the appropriate folks are >>>>>>>> working on >>>>>>>> that, but we also want this package to pass the proper checks >>>>>>>> before >>>>>>>> we build. >>>>>>> >>>>>>> I am doing a compose with this version of systemd in it right >>>>>>> now. Should be released later today. >>>>>>> _______________________________________________ >>>>>> >>>>>> OK .. I am currently releasing an 8-stream compose with >>>>>> systemd-239-55.el8 .. but it does not fix this unpriv ping issue. >>>>>> >>>>>> I checked internally and it is also a problem on the rhel build >>>>>> for this systemd version, so not an issue introduced by the >>>>>> CentOS Stream build. >>>>>> >>>>>> This version of systemd should be available in a couple hours on >>>>>> mirror.centos.org. >>>>>> >>>>> >>>>> OK .. to fix this issue until we get a build that fixes it: >>>>> >>>>> Edit /usr/lib/sysctl.d/50-default.conf >>>>> >>>>> take out the minus sign (-) in this line: >>>>> >>>>> -net.ipv4.ping_group_range = 0 2147483647 >>>>> >>>> >>>> >>>> Is this "minus" a typo? I guess ... >>>> >>>> While yum update i get: >>>> >>>> Couldn't write '0 2147483647' to '-net/ipv4/ping_group_range', >>>> ignoring: No such file or directory >>> >>> I do not know if it is a typo or not (maybe a functionality I don't >>> know about) .. but if I remove the dash and save the file, >>> everything works as expected. >>> >>> It is the only option in that file with a dash. >>> >>> >> >> OK .. the minus sign is intentional .. but the functionality to mkae >> it work is not yet in the packages. See this bug for details: >> >> https://eur04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.redhat.com%2Fshow_bug.cgi%3Fid%3D2037807&data=04%7C01%7Ctoralf.lund%40pgs.com%7C713021a8ffd245d07c2408d9dce99575%7C51d05d6147e9480b93b298dc84f1ed06%7C0%7C0%7C637783718111185241%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=p2Ym5q6fUiNWSCjBEZbI1l3nf005mRy7aZ27jMlggUU%3D&reserved=0 >> > > So the two fixes are to not upgrade iputils and exclude it in your dnf > config .. OR .. to take out he minus sign until the issue is fixed. Both work for me. Thanks. > > Or live with suod/root only for ping Might also be OK for a short while. Irritation would probably build up over time ;-) - Toralf > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > https://eur04.safelinks.protection.outlook.com/?url=https%3A%2F%2Flists.centos.org%2Fmailman%2Flistinfo%2Fcentos&data=04%7C01%7Ctoralf.lund%40pgs.com%7C713021a8ffd245d07c2408d9dce99575%7C51d05d6147e9480b93b298dc84f1ed06%7C0%7C0%7C637783718111185241%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=IgK2cSA5ll92eVC1M1Iq695oaRrZoBWsBaoP4ml9aW4%3D&reserved=0 >