Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
[SOLVED]Ping stopped working
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
rudregues
Apprentice
Apprentice


Joined: 29 Jan 2013
Posts: 227
Location: Brazil

PostPosted: Thu Oct 10, 2013 11:09 pm    Post subject: [SOLVED]Ping stopped working Reply with quote

I've tried this:
Code:
# chmod u+s `which ping`
didn't worked and breaked my connection, but I fixed the connection with #chmod u+s /bin/ping (tried as normal user too)

Quote:
#chmod u+s /bin/ping
Although fixed the connection, didn't fixed ping error (tried as normal user too)

Code:
$ strace -e open ping localhost
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
open("/etc/host.conf", O_RDONLY|O_CLOEXEC) = 3
open("/etc/hosts", O_RDONLY|O_CLOEXEC)  = 3
ping: icmp open socket: Operation not permitted
+++ exited with 2 +++

source: http://solutions.unixsherpa.com/2010/10/26/etchosts-entries-not-being-used-for-non-root-users/

Code:
setcap "cap_net_raw+ep" /usr/bin/ping
Tried, but there's no setcap command and I even could install this... simple dunno the name of the package to install


Status now:
Code:
$ ls -l /bin/ping*
-rws--x--x 1 rodrigo 1001 39760 May 16 02:14 /bin/ping
-rws--x--x 1 rodrigo 1001 40240 May 16 02:14 /bin/ping6

As normal user:
Code:
$ ping google.com
ping: icmp open socket: Operation not permitted
$ ping6 google.com
connect: Network is unreachable

As root:
Code:
# ping google.com
ping: icmp open socket: Operation not permitted
# ping6 google.com
connect: Network is unreachable

_________________
Emerging en gentoo


Last edited by rudregues on Sat Oct 12, 2013 5:20 pm; edited 1 time in total
Back to top
View user's profile Send private message
nemectic
Apprentice
Apprentice


Joined: 20 Aug 2004
Posts: 182

PostPosted: Fri Oct 11, 2013 12:38 am    Post subject: Reply with quote

Code:
chmod 600 /bin/ping
chmod +x /bin/ping
ping www.google.com


Try that.
Back to top
View user's profile Send private message
Hu
Moderator
Moderator


Joined: 06 Mar 2007
Posts: 13493

PostPosted: Fri Oct 11, 2013 2:24 am    Post subject: Reply with quote

Unless you renamed your root account rodrigo, your installation is very broken. How did you install /bin/ping?
Back to top
View user's profile Send private message
nemectic
Apprentice
Apprentice


Joined: 20 Aug 2004
Posts: 182

PostPosted: Fri Oct 11, 2013 8:59 am    Post subject: Reply with quote

I guessed from his username & post that he'd been down the road of chown & chgrp on the file, should have probably checked though!
Back to top
View user's profile Send private message
rudregues
Apprentice
Apprentice


Joined: 29 Jan 2013
Posts: 227
Location: Brazil

PostPosted: Fri Oct 11, 2013 1:13 pm    Post subject: Reply with quote

nemectic wrote:
Code:
chmod 600 /bin/ping
chmod +x /bin/ping
ping www.google.com


Try that.

Code:
$ chmod 600 /bin/ping
$ chmod +x /bin/ping
$ ping www.google.com
ping: icmp open socket: Operation not permitted

_________________
Emerging en gentoo
Back to top
View user's profile Send private message
rudregues
Apprentice
Apprentice


Joined: 29 Jan 2013
Posts: 227
Location: Brazil

PostPosted: Fri Oct 11, 2013 1:18 pm    Post subject: Reply with quote

Hu wrote:
Unless you renamed your root account rodrigo, your installation is very broken. How did you install /bin/ping?
I don't know what you mean with "rename my root account", ping always worked for me and to install gentoo I just followed the handbook. I didn't installed /bin/ping, It was installed by default with gentoo (and this was months ago)


nemectic wrote:

I guessed from his username & post that he'd been down the road of chown & chgrp on the file, should have probably checked though!
Is there any other file I must check?
_________________
Emerging en gentoo
Back to top
View user's profile Send private message
nemectic
Apprentice
Apprentice


Joined: 20 Aug 2004
Posts: 182

PostPosted: Fri Oct 11, 2013 2:32 pm    Post subject: Reply with quote

rudregues wrote:
I don't know what you mean with "rename my root account", ping always worked for me and to install gentoo I just followed the handbook. I didn't installed /bin/ping, It was installed by default with gentoo (and this was months ago)


Your /bin/ping & /bin/ping6 files belongs to the user "rodrigo", and the group "1001". Both of these should belong to root root by default, so something has happened there. you can try a chown root /bin/ping && chgrp root /bin/ping, but I don't believe it will make much difference. However, if you haven't changed the owner or group of those files previously, someone/thing else has, you should probably do an "ls -la /bin", as well as other places, just to make sure all other ownership is correct!
Back to top
View user's profile Send private message
rudregues
Apprentice
Apprentice


Joined: 29 Jan 2013
Posts: 227
Location: Brazil

PostPosted: Fri Oct 11, 2013 2:45 pm    Post subject: Reply with quote

nemectic wrote:
rudregues wrote:
I don't know what you mean with "rename my root account", ping always worked for me and to install gentoo I just followed the handbook. I didn't installed /bin/ping, It was installed by default with gentoo (and this was months ago)


Your /bin/ping & /bin/ping6 files belongs to the user "rodrigo", and the group "1001". Both of these should belong to root root by default, so something has happened there. you can try a chown root /bin/ping && chgrp root /bin/ping, but I don't believe it will make much difference. However, if you haven't changed the owner or group of those files previously, someone/thing else has, you should probably do an "ls -la /bin", as well as other places, just to make sure all other ownership is correct!
Well it solved the problem for root, now I can use ping command with root. But normal user has the same issue.


Code:
$ ls -la /bin
total 9052
drwxr-xr-x  3 rodrigo 1001    4096 Oct 10 09:17 .
drwxr-xr-x 21 rodrigo 1001    4096 Oct 10 15:41 ..
-rwxr-xr-x  1 rodrigo 1001   10336 Jul 29 14:56 attr
lrwxrwxrwx  1 rodrigo 1001       4 May 16 02:55 awk -> gawk
-rwxr-xr-x  1 rodrigo 1001   31160 May 16 02:20 basename
-rwxr-xr-x  1 rodrigo 1001  741904 May 16 02:09 bash
lrwxrwxrwx  1 root    root       7 Oct 10 08:44 bb -> busybox
lrwxrwxrwx  1 rodrigo 1001       5 May 16 01:32 bunzip2 -> bzip2
-rwxr-xr-x  1 root    root 1970912 Oct 10 08:44 busybox
lrwxrwxrwx  1 rodrigo 1001       5 May 16 01:32 bzcat -> bzip2
-rwxr-xr-x  1 rodrigo 1001   35224 May 16 01:32 bzip2
-rwxr-xr-x  1 rodrigo 1001   47768 May 16 02:20 cat
-rwxr-xr-x  1 rodrigo 1001   14496 May 16 02:16 chacl
-rwxr-xr-x  1 rodrigo 1001   60024 May 16 02:20 chgrp
-rwxr-xr-x  1 rodrigo 1001   55896 May 16 02:20 chmod
-rwxr-xr-x  1 rodrigo 1001   60024 May 16 02:20 chown
-rwxr-xr-x  1 rodrigo 1001   35352 May 16 02:20 chroot
-rwxr-xr-x  1 rodrigo 1001  566381 Jul 27 00:15 cp
drwxr-xr-x  2 rodrigo 1001    4096 Jul 27 00:08 cp_mv_backup_exes
-rwxr-xr-x  1 rodrigo 1001  141336 Jul  4 18:34 cpio
-rwxr-xr-x  1 rodrigo 1001   43544 May 16 02:20 cut
-rwxr-xr-x  1 rodrigo 1001   64120 May 16 02:20 date
-rwxr-xr-x  1 rodrigo 1001   56000 May 16 02:20 dd
-rwxr-xr-x  1 rodrigo 1001   93032 May 16 02:20 df
-rwxr-xr-x  1 rodrigo 1001  109912 May 16 02:20 dir
-rwxr-xr-x  1 rodrigo 1001   27064 May 16 02:20 dirname
-rwxr-xr-x  1 rodrigo 1001   39440 May 16 01:57 dmesg
lrwxrwxrwx  1 rodrigo 1001       8 May 16 01:36 dnsdomainname -> hostname
lrwxrwxrwx  1 rodrigo 1001       8 May 16 01:36 domainname -> hostname
-rwxr-xr-x  1 rodrigo 1001  101208 May 16 02:20 du
-rwxr-xr-x  1 rodrigo 1001   31128 May 16 02:20 echo
-rwxr-xr-x  1 rodrigo 1001  142424 May 16 02:59 egrep
-rwxr-xr-x  1 rodrigo 1001   31160 May 16 02:20 env
-rwxr-xr-x  1 rodrigo 1001   39416 May 16 02:20 expr
-rwxr-xr-x  1 rodrigo 1001   27032 May 16 02:20 false
-rwxr-xr-x  1 rodrigo 1001  105336 May 16 02:59 fgrep
-rwxr-xr-x  1 rodrigo 1001   48960 May 16 01:57 findmnt
-rwxr-xr-x  1 rodrigo 1001   35920 May 19 19:36 fuser
-rwxr-xr-x  1 rodrigo 1001  426256 May 16 02:55 gawk
-rwxr-xr-x  1 rodrigo 1001   23496 May 16 02:16 getfacl
-rwxr-xr-x  1 rodrigo 1001   19240 Jul 29 14:56 getfattr
-rwxr-xr-x  1 rodrigo 1001  146552 May 16 02:59 grep
-rwxr-xr-x  1 rodrigo 1001   10368 Jul  1 18:53 groups
-rwxr-xr-x  1 rodrigo 1001    2249 May 16 02:57 gunzip
-rwxr-xr-x  1 rodrigo 1001   93880 May 16 02:57 gzip
-rwxr-xr-x  1 rodrigo 1001   39416 May 16 02:20 head
-rwxr-xr-x  1 rodrigo 1001   14504 May 16 01:36 hostname
-rwxr-xr-x  1 rodrigo 1001   72112 May 16 01:36 ifconfig
-rwxr-xr-x  1 rodrigo 1001   22856 Jul  1 18:04 kill
-rwxr-xr-x  1 root    root   85096 Oct 10 09:17 kmod
-rwxr-xr-x  1 rodrigo 1001   55936 May 16 02:20 ln
-rwxr-xr-x  1 rodrigo 1001   44712 Jul  1 18:53 login
-rwxr-xr-x  1 rodrigo 1001  109912 May 16 02:20 ls
-rwxr-xr-x  1 rodrigo 1001   61384 May 16 01:57 lsblk
lrwxrwxrwx  1 root    root       4 Oct 10 09:17 lsmod -> kmod
-rwxr-xr-x  1 rodrigo 1001   51768 May 16 02:20 mkdir
-rwxr-xr-x  1 rodrigo 1001   31160 May 16 02:20 mkfifo
-rwxr-xr-x  1 rodrigo 1001   35288 May 16 02:20 mknod
-rwxr-xr-x  1 rodrigo 1001   39480 May 16 02:20 mktemp
lrwxrwxrwx  1 root    root       4 Oct 10 09:17 modinfo -> kmod
-rwxr-xr-x  1 rodrigo 1001   39488 May 16 01:57 more
-rwx--x--x  1 rodrigo 1001   44040 May 16 01:57 mount
-rwxr-xr-x  1 rodrigo 1001   14512 May 16 01:57 mountpoint
-rwxr-xr-x  1 rodrigo 1001  557995 Jul 27 00:15 mv
-rwxr-xr-x  1 rodrigo 1001  191936 Aug  4 14:46 nano
-rwxr-xr-x  1 rodrigo 1001  123984 May 16 01:36 netstat
lrwxrwxrwx  1 rodrigo 1001       8 May 16 01:36 nisdomainname -> hostname
-rwx--x--x  1 rodrigo 1001   46816 Jul  1 18:53 passwd
lrwxrwxrwx  1 rodrigo 1001      14 May 16 01:39 pidof -> /sbin/killall5
-rwx--x--x  1 root    root   39760 May 16 02:14 ping
-rws--x--x  1 rodrigo 1001   40240 May 16 02:14 ping6
-rwxr-xr-x  1 rodrigo 1001   93040 Jul  1 18:04 ps
-rwxr-xr-x  1 rodrigo 1001   31224 May 16 02:20 pwd
lrwxrwxrwx  1 rodrigo 1001       4 May 16 02:09 rbash -> bash
lrwxrwxrwx  1 rodrigo 1001       8 May 16 03:02 rc-status -> /sbin/rc
-rwxr-xr-x  1 rodrigo 1001   39384 May 16 02:20 readlink
-rwxr-xr-x  1 rodrigo 1001   60024 May 16 02:20 rm
-rwxr-xr-x  1 rodrigo 1001   43480 May 16 02:20 rmdir
lrwxrwxrwx  1 rodrigo 1001       4 Aug  4 14:46 rnano -> nano
-rwxr-xr-x  1 rodrigo 1001   57912 May 16 01:36 route
-rwxr-xr-x  1 rodrigo 1001   19192 May 16 01:39 run-parts
-rwxr-xr-x  1 rodrigo 1001  134600 May 16 02:19 sed
-rwxr-xr-x  1 rodrigo 1001   47608 May 16 02:20 seq
-rwxr-xr-x  1 rodrigo 1001   36040 May 16 02:16 setfacl
-rwxr-xr-x  1 rodrigo 1001   14808 Jul 29 14:56 setfattr
lrwxrwxrwx  1 rodrigo 1001       4 May 16 02:09 sh -> bash
-rwxr-xr-x  1 rodrigo 1001   31160 May 16 02:20 sleep
-rwxr-xr-x  1 rodrigo 1001  105720 May 16 02:20 sort
-rwxr-xr-x  1 rodrigo 1001   68120 May 16 02:20 stty
-rwsr-xr-x  1 root    root   36712 Jul  1 18:53 su
-rwxr-xr-x  1 rodrigo 1001   27064 May 16 02:20 sync
-rwxr-xr-x  1 rodrigo 1001   64152 May 16 02:20 tail
-rwxr-xr-x  1 rodrigo 1001  311848 May 16 02:56 tar
-rwxr-xr-x  1 rodrigo 1001   10288 May 16 01:39 tempfile
-rwxr-xr-x  1 rodrigo 1001   60088 May 16 02:20 touch
-rwxr-xr-x  1 rodrigo 1001   43512 May 16 02:20 tr
-rwxr-xr-x  1 rodrigo 1001   27032 May 16 02:20 true
-rwxr-xr-x  1 rodrigo 1001   27064 May 16 02:20 tty
-rwxr-xr-x  1 rodrigo 1001  211088 Jul  1 18:47 udevadm
-rwx--x--x  1 rodrigo 1001   23128 May 16 01:57 umount
-rwxr-xr-x  1 rodrigo 1001   31224 May 16 02:20 uname
lrwxrwxrwx  1 rodrigo 1001       6 May 16 02:57 uncompress -> gunzip
-rwxr-xr-x  1 rodrigo 1001  109912 May 16 02:20 vdir
-rwxr-xr-x  1 rodrigo 1001   39512 May 16 02:20 wc
-rwxr-xr-x  1 rodrigo 1001   35456 May 16 01:57 wdctl
-rwxr-xr-x  1 rodrigo 1001   27064 May 16 02:20 yes
lrwxrwxrwx  1 rodrigo 1001       8 May 16 01:36 ypdomainname -> hostname
-rwxr-xr-x  1 rodrigo 1001    1941 May 16 02:57 zcat

Is there something wrong?
_________________
Emerging en gentoo
Back to top
View user's profile Send private message
nemectic
Apprentice
Apprentice


Joined: 20 Aug 2004
Posts: 182

PostPosted: Fri Oct 11, 2013 2:50 pm    Post subject: Reply with quote

Yes, in all those files that say "rodrigo 1001", it should say "root root"! Is rodrigo your user account?

Can you do:

Code:
grep 1001 /etc/group
Back to top
View user's profile Send private message
rudregues
Apprentice
Apprentice


Joined: 29 Jan 2013
Posts: 227
Location: Brazil

PostPosted: Fri Oct 11, 2013 2:54 pm    Post subject: Reply with quote

nemectic wrote:
Yes, in all those files that say "rodrigo 1001", it should say "root root"! Is rodrigo your user account?
Yes.
Well, I ran that command in / too:
Code:
$ ls -la /   
total 80
drwxr-xr-x  21 rodrigo 1001  4096 Oct 10 15:41 .
drwxr-xr-x  21 rodrigo 1001  4096 Oct 10 15:41 ..
drwxr-xr-x   3 rodrigo 1001  4096 Oct 10 09:17 bin
drwxr-xr-x   2 root    root  4096 Oct 10 18:40 boot
drwxr-xr-x  17 root    root  4180 Oct 11 10:10 dev
drwxr-xr-x  64 root    root  4096 Oct 11 10:10 etc
drwxr-xr-x   3 root    root  4096 May 19 13:22 home
lrwxrwxrwx   1 rodrigo 1001     5 May 16 01:52 lib -> lib64
drwxr-xr-x   2 root    root  4096 May 16 01:52 lib32
drwxr-xr-x  10 root    root  4096 Oct 10 09:17 lib64
drwx------   2 root    root 16384 May 18 23:18 lost+found
drwxr-xr-x   2 root    root  4096 May 16 00:52 media
drwxr-xr-x   6 root    root  4096 Jul 26 20:03 mnt
drwxr-xr-x   5 root    root  4096 Jul 28 17:44 opt
dr-xr-xr-x 116 root    root     0 Oct 11 10:09 proc
drwx------   9 root    root  4096 Oct 11 10:25 root
drwxr-xr-x  10 root    root   320 Oct 11 10:10 run
drwxr-xr-x   2 root    root  4096 Oct 10 13:31 sbin
dr-xr-xr-x  12 root    root     0 Oct 11 10:10 sys
drwxrwxrwt   5 root    root  4096 Oct 11 10:42 tmp
drwxr-xr-x  14 root    root  4096 Jul  6 21:04 usr
drwxr-xr-x  10 root    root  4096 Jul 26 05:14 var



Should I chown root /bin/* && chgrp root /bin/* ?
Or even chown root /* && chgrp root /* ?
_________________
Emerging en gentoo
Back to top
View user's profile Send private message
rudregues
Apprentice
Apprentice


Joined: 29 Jan 2013
Posts: 227
Location: Brazil

PostPosted: Fri Oct 11, 2013 2:56 pm    Post subject: Reply with quote

Code:
grep 1001 /etc/group
It returns no output....
_________________
Emerging en gentoo
Back to top
View user's profile Send private message
nemectic
Apprentice
Apprentice


Joined: 20 Aug 2004
Posts: 182

PostPosted: Fri Oct 11, 2013 3:03 pm    Post subject: Reply with quote

Code:
chown -R root /bin /lib
chgrp -R root /bin /lib
chown root /*
chgrp root /*
chown
chmod u+s su passwd
chmod 4755 /bin/ping


They should fix your immediate problems, including ping as a user.

Have you been using chown or chgrp lately? If you haven't, I'd have serious concerns about your systems integrity.

[edit]

Also, can you

Code:
grep 100 /etc/group
Back to top
View user's profile Send private message
rudregues
Apprentice
Apprentice


Joined: 29 Jan 2013
Posts: 227
Location: Brazil

PostPosted: Fri Oct 11, 2013 3:45 pm    Post subject: Reply with quote

nemectic wrote:

They should fix your immediate problems, including ping as a user.

Have you been using chown or chgrp lately? If you haven't, I'd have serious concerns about your systems integrity.

Yes, it really fixed ping command. Now it works like normal user too. The 'strangest' thing I did was boot my Sabayon, use chroot to enter my gentoo system and run su - testuser in the chrooted system, It dropped the root session to a normal user session, but I was in the gentoo chrooted system yet I think.

Obs.: ping6 says network is unreachable (don't know if is something related to ipv6 that I don't use/have) both for root and normal user

EDIT:
Code:
$ grep 100 /etc/group
users:x:100:rodrigo
rodrigo:x:1000:

_________________
Emerging en gentoo
Back to top
View user's profile Send private message
nemectic
Apprentice
Apprentice


Joined: 20 Aug 2004
Posts: 182

PostPosted: Fri Oct 11, 2013 3:48 pm    Post subject: Reply with quote

Code:
 chmod 4755 /bin/ping6


I'm not sure on the chroot thing, do you have a user called testuser? Seems strange if not.
Back to top
View user's profile Send private message
nemectic
Apprentice
Apprentice


Joined: 20 Aug 2004
Posts: 182

PostPosted: Fri Oct 11, 2013 3:50 pm    Post subject: Reply with quote

I'm puzzled as to why your /bin/ files were assigned to group 1001, perhaps it was something you did in the chroot from sabayon.
Back to top
View user's profile Send private message
rudregues
Apprentice
Apprentice


Joined: 29 Jan 2013
Posts: 227
Location: Brazil

PostPosted: Fri Oct 11, 2013 7:04 pm    Post subject: Reply with quote

Well, I was correct, I can't use ping6 because I don't have IPv6. So it makes sense the "networks unreachable" warning, it would be a problem if hadn't permission to use this. So I think ping and ping6 permission issues are solved.

But now, seems like I can have biggest file permission problems in my system. Where do you found all that information about which groups and owners each file and directory must be set? Is there a way to check/fix integrity of the whole system (like a revdep-rebuild, but for permissions)?
_________________
Emerging en gentoo
Back to top
View user's profile Send private message
stoil
Apprentice
Apprentice


Joined: 12 Apr 2006
Posts: 175
Location: Bulgaria

PostPosted: Tue Dec 01, 2015 4:12 am    Post subject: Reply with quote

This has just happened after last world update - ping has lost S flag. I'm not sure which package did that and what else could be broken.
To be more specific - ping had correct owner and group. It was just not able to work with regular user.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum