Mail archive
alpine-aports

[alpine-aports] Enable non-root ping by default?

From: Isaac Dunham <ibid.ag_at_gmail.com>
Date: Thu, 21 Apr 2016 21:46:18 -0700

Hello,
I've noticed that, in theory, our busybox now supports non-root ping.

The upgrade does have a couple hitches:
- bbsuid has disabled support for 'ping', but the upgrade leaves the old
ping->bbsuid symlink in place.

- We do not have equivalent functionality after fixing that, because
bbsuid allowed all users to use ping, while the Linux kernel disables
DGRAM ping via this sysctl setting:
 net.ipv4.ping_group_range=1 0

It took a bit of digging to figure out what that means, so explanation:
net.ipv4.ping_group_range is a range, specifying minimum and maximum
group ids allowed to use DGRAM ping.
The first field is the minimum; if it exceeds the maximum, the feature is
completely disabled.

Ideally, I'd like to see a default of
net.ipv4.ping_group_range=28 28
set in /etc/sysctl.d/00-alpine.conf,
along with an explanation of what that does.
This would make users in group 'netdev' able to ping.

Thanks,
Isaac Dunham


---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Thu Apr 21 2016 - 21:46:18 GMT