我正在使用 Alpine(使用 busybox),并尝试让 ping 工作。首先,我尝试安装 iputils perhttps://serverfault.com/a/1001312。没有骰子。
然后我发现有些东西说我需要设置粘滞位,但它已经设置好了。
这是怎么回事?
/ # ping www.google.com
PING www.google.com (172.217.5.100): 56 data bytes
ping: permission denied (are you root?)
/ # which ping
/bin/ping
/ # ls -al /bin/ping
lrwxrwxrwx 1 root root 12 Jan 16 2020 /bin/ping -> /bin/busybox
/ # whoami
root
/ # apk add iputils
fetch https://alpine.global.ssl.fastly.net/alpine/v3.11/main/x86_64/APKINDEX.tar.gz
fetch https://alpine.global.ssl.fastly.net/alpine/v3.11/community/x86_64/APKINDEX.tar.gz
fetch https://alpine.global.ssl.fastly.net/alpine/edge/testing/x86_64/APKINDEX.tar.gz
(1/2) Installing libcap (2.27-r0)
(2/2) Installing iputils (20190709-r0)
Executing busybox-1.31.1-r9.trigger
Executing glibc-bin-2.28-r0.trigger
OK: 49 MiB in 32 packages
/ # ping www.google.com
ping: socket: Operation not permitted
/ # which ping
/bin/ping
/ # ls -al /bin/ping
-rwsr-xr-x 1 root root 60232 Oct 22 2019 /bin/ping
/ # chmod u+s /bin/ping
/ # ping www.google.com
ping: socket: Operation not permitted
/ # cat etc/os-release
NAME="Alpine Linux"
ID=alpine
VERSION_ID=3.11.3
PRETTY_NAME="Alpine Linux v3.11"
HOME_URL="https://alpinelinux.org/"
BUG_REPORT_URL="https://bugs.alpinelinux.org/"
答案1
这是sysctl限制 Alpine 上允许使用的用户 ID 范围的设置ping。要让所有ping用户
echo "0 2147483647" > /proc/sys/net/ipv4/ping_group_range
并使其永久化,
echo "net.ipv4.ping_group_range = 0 2147483647" >> /etc/sysctl.conf