PermissionError when Pingtop is executed without sudo

Hi @ivanhercaz , we use ICMP socket to send ICMP packet without root.

However, there is a option control who can use this feature.

cat /proc/sys/net/ipv4/ping_group_range

1	0

This means group number from 1 to 0 can use this feature, which means nobody can use this, so you get a Permission denied .

[vagrant@centos7 pingtop]$ python ping.py
Traceback (most recent call last):
  File "ping.py", line 281, in <module>
    print(do_one("google.com", 1, 64))
  File "ping.py", line 204, in do_one
    my_socket = socket.socket(socket.AF_INET, socket.SOCK_DGRAM, icmp)
  File "/usr/lib64/python2.7/socket.py", line 187, in __init__
    _sock = _realsocket(family, type, proto)
socket.error: [Errno 13] Permission denied

Solution

Change this variable to a proper range include your group id, like this:

[vagrant@centos7 pingtop]$ id
uid=1000(vagrant) gid=1000(vagrant) groups=1000(vagrant) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

[vagrant@centos7 pingtop]$ sudo sysctl -w net.ipv4.ping_group_range='0 1001'
net.ipv4.ping_group_range = 0 1001

Then you can use this without sudo.

Apologize for the delay, I just realize my PR only granted non-root support for OS X, Linux is a bit tricky. One way to work around here is, like @laixintao indicated, set the ping_group_range. Also, there’s a bug in receive_one_ping func, will submit a PR to fix this.

root@host:~# sysctl -w net.ipv4.ping_group_range="<min-uid> <max-uid>"

For example, if your uid is 1234,

root@host:~# sysctl -w net.ipv4.ping_group_range="0 1234"

Not sure if it is the best practice here.