Unable to ping from LXC container (unpriviledged)

P

p3ter_b

New Member
Mar 20, 2024
12
12
3
--- sorry: accidentially posted this thread (and can't find a DELETE option?), but have already continued an existing thread:

onlime

Thread 'Ping with unprivileged user in LXC container / Linux capabilities'

On Proxmox VE 5.1, inside an LXC container, I cannot ping with unprivileged user. It gives me the following error:

Code: 
$ ping google.ch
ping: socket: Operation not permitted

On the hostnode itself I can ping with both unprivileged user and root, but inside an LXC container only as root.

The following fixes it and gives all unprivileged users the required privileges to a open the socket:

Code: 
$ sudo setcap cap_net_raw+p /bin/ping

Here's my question:
Would that be the right solution without exposing too many privileges?
How come this has suddenly changed? I remember ping...
  • Like

Other possibly related thread:
T

Post in thread 'No ping from non root user in Debian Buster LXC'

Hi

on my containers I just reinstall all packages containing setcap command and be already installed by the image.

That works in any way - hope useful for others too.

Here is a command which look at all installed packages and reinstall those ...

Bash: 
cd /var/lib/dpkg/info/ && apt install --reinstall $(grep -l 'setcap' * | sed -e 's/\.[^.]*$//g' | sort --unique)
  • Like

Sorry for the noise.
@admins: Feel free to delete this thread.
 
Last edited:
You must log in or register to reply here.
Top Bottom