[xymon at xxxxxxxx ~]$ fping yyyyyyyy fping: can't create raw socket (must run as root?) : Operation not permitted [xymon at xxxxxxxx ~]$ ls -lh /usr/local/sbin/fping -rwxr-xr-x. 1 root root 87K Jul 24 12:28 /usr/local/sbin/fping
What should I do to correct this (best solution)?
Found this, but not sure it applies to xymon:
chown root:zzzzzzzz /usr/sbin/fping
chmod 710 /usr/sbin/fping
chmod ug+s /usr/sbin/fping
Frank M. Ramaekers Jr.
This message contains information which is privileged and confidential and is solely for the use of the intended recipient. If you are not the intended recipient, be aware that any review, disclosure, copying, distribution, or use of the contents of this message is strictly prohibited. If you have received this in error, please destroy it immediately and notify us at PrivacyAct at torchmarkcorp.com.
You don't say what operating system you are running, but I'll share what was required of me on Solaris: chmod u+s /opt/csw/sbin/fping*
which has resulted in: -rwsr-xr-x 1 root bin 36K Mar 11 2014 fping
I think I lifted this from: http://xymon.sourceforge.net/xymon/help/install.html
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Department of Administration State of Alaska
On 12/12/2018 7:12 AM, Frank M. Ramaekers wrote:
[xymon at xxxxxxxx ~]$ fping yyyyyyyy
fping: can't create raw socket (must run as root?) : Operation not permitted
[xymon at xxxxxxxx ~]$ ls -lh /usr/local/sbin/fping
-rwxr-xr-x. 1 root root 87K Jul 24 12:28 /usr/local/sbin/fping
What should I do to correct this (best solution)?
Found this, but not sure it applies to xymon:
chownroot:zzzzzzzz /usr/sbin/fping chmod710 /usr/sbin/fping chmodug+s /usr/sbin/fping
Very similar, CenfOS (CentOS) 7.5: cat /etc/redhat-release CentOS Linux release 7.5.1804 (AltArch)
Frank M. Ramaekers Jr.
-----Original Message----- From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of John Thurston Sent: Wednesday, December 12, 2018 10:48 AM To: xymon at xymon.com Subject: Re: [Xymon] xymon & fping
You don't say what operating system you are running, but I'll share what was required of me on Solaris: chmod u+s /opt/csw/sbin/fping*
which has resulted in: -rwsr-xr-x 1 root bin 36K Mar 11 2014 fping
I think I lifted this from: https://urldefense.proofpoint.com/v2/url?u=http-3A__xymon.sourceforge.net_xy...
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Department of Administration State of Alaska
On 12/12/2018 7:12 AM, Frank M. Ramaekers wrote:
[xymon at xxxxxxxx ~]$ fping yyyyyyyy
fping: can't create raw socket (must run as root?) : Operation not permitted
[xymon at xxxxxxxx ~]$ ls -lh /usr/local/sbin/fping
-rwxr-xr-x. 1 root root 87K Jul 24 12:28 /usr/local/sbin/fping
What should I do to correct this (best solution)?
Found this, but not sure it applies to xymon:
chownroot:zzzzzzzz /usr/sbin/fping chmod710 /usr/sbin/fping chmodug+s /usr/sbin/fping
Xymon mailing list Xymon at xymon.com https://urldefense.proofpoint.com/v2/url?u=http-3A__lists.xymon.com_mailman_...
This message contains information which is privileged and confidential and is solely for the use of the intended recipient. If you are not the intended recipient, be aware that any review, disclosure, copying, distribution, or use of the contents of this message is strictly prohibited. If you have received this in error, please destroy it immediately and notify us at PrivacyAct at torchmarkcorp.com.
You should only need to set the sticky bit for the user.
Using the method below, your xymon user would need to be in the group that owns fping. You show it as zzzzzzzzz.
What these commands would do is disallow anyone not in the group from using the command at all. And it would give the user root permissions to resources, i.e. the raw socket, to the user.
From: Xymon <xymon-bounces at xymon.com> On Behalf Of Frank M. Ramaekers Sent: Wednesday, December 12, 2018 10:13 AM To: xymon at xymon.com Subject: [Xymon] xymon & fping
[xymon at xxxxxxxx ~]$ fping yyyyyyyy fping: can't create raw socket (must run as root?) : Operation not permitted [xymon at xxxxxxxx ~]$ ls -lh /usr/local/sbin/fping -rwxr-xr-x. 1 root root 87K Jul 24 12:28 /usr/local/sbin/fping
What should I do to correct this (best solution)?
Found this, but not sure it applies to xymon:
chown root:zzzzzzzz /usr/sbin/fping
chmod 710 /usr/sbin/fping
chmod ug+s /usr/sbin/fping
Frank M. Ramaekers Jr.
This message contains information which is privileged and confidential and is solely for the use of the intended recipient. If you are not the intended recipient, be aware that any review, disclosure, copying, distribution, or use of the contents of this message is strictly prohibited. If you have received this in error, please destroy it immediately and notify us at PrivacyAct at torchmarkcorp.com<mailto:PrivacyAct at torchmarkcorp.com>. This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.
participants (3)
-
FRamaekers@ailife.com
-
john.thurston@alaska.gov
-
Paul.Root@CenturyLink.com