Closed jabaa closed 2 years ago
Obviously,
ping
can be run without root permission.
I think beacause Kali Linux is Debian based ping uses file capabilities
getcap /usr/bin/ping
@sunwire Thank you. It seems, you're right. /usr/bin/ping
has network capabilities:
$ getcap $(which ping)
/usr/bin/ping cap_net_raw=ep
I checked other libraries and the only way I've found, was to spawn a ping
process. It looks like there is no way to use a Python library for this without sudo
(at least once to configure the system) or ping
.
Hi!
Thanks @sunwire for answering @jabaa 👍
@jabaa Your problem is not related to the library directly. You must set the net.ipv4.ping_group_range
parameter of your system to allow the use of datagram sockets (instead of raw sockets) for sending ICMP messages and therefore, to use the library without root privileges.
Related documentation: https://github.com/ValentinBELYN/icmplib/blob/main/docs/6-use-icmplib-without-privileges.md
Otherwise, what do you mean by "I don't have permissions to change"?
As long as you have the result below (1 0), you will not be able to use this library without root privileges:
$ sysctl net.ipv4.ping_group_range
net.ipv4.ping_group_range = 1 0 # functionality disabled: no user, even root, can use datagram sockets for ICMP requests
@ValentinBELYN, I've read this part of the documentation, but the steps are not possible for me. I have to distribute software to computer systems that I don't have sudo
access to. I can't
$ sudo sysctl -w net.ipv4.ping_group_range='0 2147483647'
I don't have the permissions and
$ sysctl -w net.ipv4.ping_group_range='0 2147483647'
without sudo
doesn't work. My question was:
My company gives me a laptop with Kali Linux without sudo
permission. Is it possible to send a ping
without the terminal program ping
? It seems like it's not possible. This laptop is the dev/test environment the software is later deployed to.
The answer is: No, it's not possible. I either have to use sudo
to modify the kernel settings or to run the script.
I am getting the same error on the Windows server (see below). Based on the documentation, the privileged flag is ignored on Windows.
Traceback (most recent call last): File "C:\Users\opc\nvpenv\lib\site-packages\icmplib\sockets.py", line 88, in init self._sock = self._create_socket( File "C:\Users\opc\nvpenv\lib\site-packages\icmplib\sockets.py", line 486, in _create_socket return socket.socket( File "C:\Program Files\Python310\lib\socket.py", line 232, in init _socket.socket.init(self, family, type, proto, fileno) OSError: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "C:\Program Files\Python310\lib\threading.py", line 1009, in _bootstrap_inner
self.run()
File "C:\Program Files\Python310\lib\threading.py", line 946, in run
self._target(*self._args, self._kwargs)
File "C:\Users\opc\nvpenv\lib\site-packages\nvp\nvp_manager.py", line 70, in ping_monitor
self.GetAllBoatStatuses()
File "C:\Users\opc\nvpenv\lib\site-packages\nvp\nvp_manager.py", line 76, in GetAllBoatStatuses
hosts = multiping(all_hosts, count=1, timeout=2, privileged=False)**
File "C:\Users\opc\nvpenv\lib\site-packages\icmplib\multiping.py", line 267, in multiping
return asyncio.run(
File "C:\Program Files\Python310\lib\asyncio\runners.py", line 44, in run
return loop.run_until_complete(main)
File "C:\Program Files\Python310\lib\asyncio\base_events.py", line 646, in run_until_complete
return future.result()
File "C:\Users\opc\nvpenv\lib\site-packages\icmplib\multiping.py", line 163, in async_multiping
return [task.result() for task in tasks]
File "C:\Users\opc\nvpenv\lib\site-packages\icmplib\multiping.py", line 163, in
Is it possible to use this library without root permission?
I'm using Kali Linux
kali 5.16.0-kali1-amd64 #1 SMP PREEMPT Debian 5.16.7-2kali1 (2022-02-10) x86_64 GNU/Linux
with Python 3.9 and icmplib-3.0.3. I can runping
in my terminal. I've checkedAs you can see, SUID and SGID isn't set. I've checked
Obviously,
ping
can be run without root permission.I've tried
and got
I don't have permissions to change
Is there a way to use this library? Is this problem related to the way this library works or is it a general Python problem?