Docker-alpine: ping: permission denied (are you root?)

Created on 9 Feb 2017  路  2Comments  路  Source: gliderlabs/docker-alpine

I can't run ping if i am not the root user. In my case I am running a program that is running ping as the apache user. The service is started with a uid of 0 however the apache user is not able to run ping.

an easy fix is chmod u+s /bin/ping however I feel like this should be something that makes it's way upstream.

To reproduce you can do build this dockerfile https://github.com/michaeljs1990/phpipam/blob/dockerfile/Dockerfile and then exec into it make a lol.php file in the working dir and use this script.

<?php

exec('/bin/ping -c 5 -w 5 192.168.1.5 2>&1', $output);
var_dump($output);

and go go lol.php.

question
Source
picture michaeljs1990
👍1

Most helpful comment

Alternatively, you can install the iputils package to use the non-BusyBox ping which has the correct permissions you need.

picture andyshinn on 5 May 2017
👍10

All 2 comments

You need to set net.ipv4.ping_group_range on your host to enable unprivileged icmp sockets.

see for example: https://sturmflut.github.io/linux/ubuntu/2015/01/17/unprivileged-icmp-sockets-on-linux/

ncopa picture ncopa on 7 Mar 2017
👍2 😕1

Alternatively, you can install the iputils package to use the non-BusyBox ping which has the correct permissions you need.

andyshinn picture andyshinn on 5 May 2017
👍10
Was this page helpful?
0 / 5 - 0 ratings

Related issues

IdanAdar picture IdanAdar  路  4Comments
dniku picture dniku  路  4Comments
javixeneize picture javixeneize  路  4Comments
konradjurk picture konradjurk  路  5Comments
kalaksi picture kalaksi  路  3Comments