Issue

What were you trying to do that didn't work? A test for running ping with the cap_net_raw capability removed is failing. Please provide the package NVR for which bug is seen: iputils-20210202-9.el9, was working with iputils-20210202-8.el9 How reproducible: 100% Steps to reproduce sysctl net.ipv4.ping_group_range="1 0" ping localhost -c 1 capsh --drop=cap_net_raw – -c 'ping localhost -c 1' Expected results # sysctl net.ipv4.ping_group_range="1 0" net.ipv4.ping_group_range = 1 0 # ping localhost -c 1 PING localhost(localhost (::1)) 56 data bytes 64 bytes from localhost (::1): icmp_seq=1 ttl=64 time=0.015 ms — localhost ping statistics — 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.015/0.015/0.015/0.000 ms # capsh --drop=cap_net_raw – -c 'ping localhost -c 1' ping: socket: Operation not permitted Actual results h3. Actual results # sysctl net.ipv4.ping_group_range="1 0" net.ipv4.ping_group_range = 1 0 # ping localhost -c 1 PING localhost(localhost (::1)) 56 data bytes 64 bytes from localhost (::1): icmp_seq=1 ttl=64 time=0.015 ms — localhost ping statistics — 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.015/0.015/0.015/0.000 ms # capsh --drop=cap_net_raw – -c 'ping localhost -c 1'

Release Notes

No. of Comments

Resolution

Unresolved