ping socket: Permission denied
I am root.
ping 127.0.0.1 and return error;
root@sam-PC:~# ping 127.0.0.1
socket: Permission denied
root@sam-PC:~# ifconfig
eth0 Link encap:Ethernet HWaddr 00:00:ff:ff:00:00 inet addr:192.168.100.104 Bcast:192.168.100.255 Mask:255.255.255.0 inet6 addr: fe80::200:ffff:feff:0/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:36 errors:0 dropped:0 overruns:0 frame:0 TX packets:7 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:2220 (2.2 KB) TX bytes:524 (524.0 B)
lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:40 errors:0 dropped:0 overruns:0 frame:0 TX packets:40 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:3160 (3.1 KB) TX bytes:3160 (3.1 KB)
root@sam-PC:~# ping 192.168.100.100
socket: Permission deniedwho knows why?
43 Answers
For this problem, we should add the following lines to /etc/group:
inet:x:3003:root
net_raw:x:3004:rootThe underlying ping is using sock_raw. To create such a socket, you must have root privileges.
int main(void) { rawsock = socket(AF_INET, SOCK_RAW, protocol->p_proto); if(rawsock < 0){ perror("socket"); return -1; }
}If the owner of the ping is not root, the error will not be fixed. Using the linux capability mechanism can't solve the problem.
1The OP is executing ping as root, so this isn't an answer to them, more an extended comment on the answer from @leesagacious. In my situation, on CentOS Stream 8, so doubly inappropriate for askubuntu... unless it happens there too, the Linux capability mechanism does appear to the the answer, kudos :
[manager@smu-centos8-daily-test ~]$ ping -c 1 8.8.8.8
ping: socket: Operation not permitted
[manager@smu-centos8-daily-test ~]$ getcap /usr/bin/ping
[manager@smu-centos8-daily-test ~]$ sudo setcap cap_net_raw+p /usr/bin/ping
[manager@smu-centos8-daily-test ~]$ ping -c 1 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=117 time=4.57 ms
--- 8.8.8.8 ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 4.567/4.567/4.567/0.000 ms
[manager@smu-centos8-daily-test ~]$ getcap /usr/bin/ping
/usr/bin/ping = cap_net_raw+p
[manager@smu-centos8-daily-test ~]$ sudo setcap -r /usr/bin/ping
[manager@smu-centos8-daily-test ~]$ getcap /usr/bin/ping
[manager@smu-centos8-daily-test ~]$ ping -c 1 8.8.8.8
ping: socket: Operation not permitted
[manager@smu-centos8-daily-test ~]$ I don't think that the owner of ping, as opposed to the uid of the process executing ping, would be relevant, except back in the days when ping was setuid.
More in general
"Zoraya ter Beek, age 29, just died by assisted suicide in the Netherlands. She was physically healthy, but psychologically depressed. It's an abomination that an entire society would actively facilitate, even encourage, someone ending their own life because they had no hope. Th…"
