Fix unprivileged ping

Recent iputils in CentOS 8 Stream removed capabilities on the ping binary and requires the change in net.ipv4.ping_group_range to allow unprivileged users to ping, however the change in systemd[1] is not yet shipped. This is a temporal workaround and sets the kernel parameter. This can be removed once the fix is shipped as part of a new systemd package. [1] https://github.com/redhat-plumbers/systemd-rhel8/pull/246 Closes-Bug: #1957913 Change-Id: I6fc0e7a62106c53d983818fc8c8b9d1e1cdebb31 (cherry picked from commit 50c2dab063) (cherry picked from commit 468b2263aa) (cherry picked from commit 9598bebff8) (cherry picked from commit 287bcf5584)
2022-01-14 18:33:47 +09:00 · 2022-01-14 18:33:47 +09:00 · 2c27035469
parent 8db1bcb3c1
commit 2c27035469
1 changed files with 7 additions and 0 deletions
--- a/run_tests.sh
+++ b/run_tests.sh
@ -209,6 +209,13 @@ if [ "${MANAGE_REPOS}" = true ]; then
    fi
 fi

+# NOTE(tkajinam): This is required to fix unprivileged ping, until
+#                 the following change is shipped
+#                 https://github.com/redhat-plumbers/systemd-rhel8/pull/246
+if is_fedora; then
+    sudo sysctl -w net.ipv4.ping_group_range='0 2147483647'
+fi
+
 print_header "Running Puppet Scenario: ${SCENARIO} (1st time)"
 run_puppet $SCENARIO
 RESULT=$?