Over the weekend I started looking at ping.c again thinking "this seems really easy, why haven't I already done it". And I figured out why (I wanted the code to autodetect ipv4 or ipv6 without you having to specify, but you could go "ping -I lo 127.0.0.1" and it could see ::1 as the first address of lo so you have to defer the decision of which type to use while detecting, AND I still wanted -4 and -6 to work to force the decision meaning it fails if source or dest can't do that, except supplying source address is optional.)
So I finally untangled all that crap, and then I started in on the next thing I wantedit to do, use the "unprivileged ping sockets" stuff Linux merged back in 2011: https://lwn.net/Articles/422330/ It's almost been 7 years, no need to support the old "needs root" stuff if this should be ubiquitously deployed. Yes that description's wrong, there's no such thing as PROT_ICMP, they mean IPPROTO_ICMP but good luck finding example code using that because nobody uses it. Why does nobody use it? Because the API is stupidly disabled for no apparent reason. > socket(2) is restricted to the group range specified in > "/proc/sys/net/ipv4/ping_group_range". It is "1 0" by default, meaning > that nobody (not even root) may create ping sockets. Setting it to "100 > 100" would grant permissions to the single group (to either make > /sbin/ping g+s and owned by this group or to grant permissions to the > "netadmins" group), "0 4294967295" would enable it for the world, "100 > 4294967295" would enable it for the users, but not daemons. This is why I was getting permission denied trying to test my code. If I "sudo /bin/bash" and then "echo 0 65535 > /proc/sys/net/ipv4/ping_group_range" my test code suddenly works. Question 1: WHY THE HELL DID THEY DISABLE THIS? Normal users have been able to ping from Linux forever (and still can), it just requires an suid binary to do it. Why does the API to _remove_ this restriction have this pointless safety catch REQUIRING ROOT TO ENABLE THE NON-ROOT API? Question 2: Why not make the default so root can use this, so ping implementations could switch over to the new API even if they still require the suid bit to work during the transition period? Question 3: Groups? Does anybody use groups post-y2k? UIDs, sure, but we haven't been sharing these machines since the minicomputer days, what's the point of making this depend on GID? Question 4: It's under ipv4 but not under ipv6, but it works for ipv6 too? Sigh. Anybody want to talk to the kernel guys to point a flamethrower at this nonsense? I'm kinda burnt out dealing with them after http://lkml.iu.edu/hypermail/linux/kernel/1705.2/06366.html (which dates back to http://lkml.iu.edu/hypermail/linux/kernel/1606.2/05742.html and so on; I made a follow-up patch to check for that specific situation and printk("Triggering workaround for obvious Debian bug.") but haven't got the energy for a fourth go at dealing with those guys just yet.) Sigh. I can implement a ping requiring suid, but... ouch? They MADE an api not to need this, and then cripped that API for no apparent reason. (If you wanna ping flood somebody you can do it with UDP?) Lemme check in what I've done, anyway... Ok, there. Rob _______________________________________________ Toybox mailing list Toybox@lists.landley.net http://lists.landley.net/listinfo.cgi/toybox-landley.net