X-Original-To: alpine-aports@mail.alpinelinux.org Delivered-To: alpine-aports@mail.alpinelinux.org Received: from mail.alpinelinux.org (dallas-a1.alpinelinux.org [127.0.0.1]) by mail.alpinelinux.org (Postfix) with ESMTP id B3E51DC0804 for ; Fri, 22 Apr 2016 04:46:25 +0000 (UTC) Received: from mail-pf0-f196.google.com (mail-pf0-f196.google.com [209.85.192.196]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by mail.alpinelinux.org (Postfix) with ESMTPS id 8B5B9DC05C1 for ; Fri, 22 Apr 2016 04:46:24 +0000 (UTC) Received: by mail-pf0-f196.google.com with SMTP id p185so8779217pfb.3 for ; Thu, 21 Apr 2016 21:46:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:subject:message-id:mime-version:content-disposition :user-agent; bh=Vw1mdZ0UWd79vNxD9+W0ROtly059BJo5V5aUa5vhoEc=; b=dH8Vrf4vGGBIGyEhRwIJH9V6DeUkJwDT4NKqMfoMeYvPvA0ITp2yZEaT8JA1zkSq1T GPgVBZIfpHPpMyLL1f/mcYhdVb3tnTSpfQyQq6FsImTeztqMQlrBKlRdmuSb5AAtjcKC JehfJp0d0cn1jFzOslhHjGZ1biZZbrX4y+KWNEDjV0up0y+wmmPoH5If4dBnZnNQlCcb 4RBh7QfMVE7z5w9uZWRe3uw9dW36XwiIO8ihuOVnH9Eyaxr77QUvyVO14+KV5eNphNWh kEc7CqTZMDvr04HQ9qvBi8VcdltxDFJyF+tOPpNofvalRlnyE5upvNXGAnB+z6fboXFK eU/w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:subject:message-id:mime-version :content-disposition:user-agent; bh=Vw1mdZ0UWd79vNxD9+W0ROtly059BJo5V5aUa5vhoEc=; b=l1aJIYufwPfIShSctFdlpexs7DtdoRZ4rQFj8GgiWPptcmJTSDpKwWOcWJSd4o7aNi Cy7XZ7nvRaVQxlovTSKKBU25Kt0W/n/o5eetk+fWvnyz93PbuWicXUgMjPAbdmusMoFO G6Wfw0ahzpdx11hs2z65A4hFzfXg9Jt9l0d1DMMtH21TR/9k03ni0TCd9qepqw/0SPRT enwKNqJ0XYNJBRToAo0C7haDML2D7t7hjhNRzy8wZmj/O+SLYOQzBBQ8I0v8Bwo7Y23H O3jtdJzk06agfIMFjyiLMRF1daGP1TTbDgYj6rt2XuMkCS18sYKTBjA1qiiRkw42CRP/ 4qdw== X-Gm-Message-State: AOPr4FUa/40XuDavMcHHTHGnoq41+WmA7wL6ADTT3BbnRlQHsdtSMQz3Khqk86LXJeqznw== X-Received: by 10.98.83.65 with SMTP id h62mr25724050pfb.130.1461300383083; Thu, 21 Apr 2016 21:46:23 -0700 (PDT) Received: from newbook ([50.0.225.71]) by smtp.gmail.com with ESMTPSA id r191sm4626922pfr.36.2016.04.21.21.46.22 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 21 Apr 2016 21:46:22 -0700 (PDT) Date: Thu, 21 Apr 2016 21:46:18 -0700 From: Isaac Dunham To: alpine-aports@lists.alpinelinux.org Subject: [alpine-aports] Enable non-root ping by default? Message-ID: <20160422044617.GA12521@newbook> X-Mailinglist: alpine-aports Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.6.0 (2016-04-01) X-Virus-Scanned: ClamAV using ClamSMTP Hello, I've noticed that, in theory, our busybox now supports non-root ping. The upgrade does have a couple hitches: - bbsuid has disabled support for 'ping', but the upgrade leaves the old ping->bbsuid symlink in place. - We do not have equivalent functionality after fixing that, because bbsuid allowed all users to use ping, while the Linux kernel disables DGRAM ping via this sysctl setting: net.ipv4.ping_group_range=1 0 It took a bit of digging to figure out what that means, so explanation: net.ipv4.ping_group_range is a range, specifying minimum and maximum group ids allowed to use DGRAM ping. The first field is the minimum; if it exceeds the maximum, the feature is completely disabled. Ideally, I'd like to see a default of net.ipv4.ping_group_range=28 28 set in /etc/sysctl.d/00-alpine.conf, along with an explanation of what that does. This would make users in group 'netdev' able to ping. Thanks, Isaac Dunham --- Unsubscribe: alpine-aports+unsubscribe@lists.alpinelinux.org Help: alpine-aports+help@lists.alpinelinux.org ---