PING icmp open socket: Operation not permitted in vserver

ping permissions virtual-machines

Solution 1:

TL;DR version: reinstall iputils-ping

I have seen online where it has been suggested to use 

chmod u+s $( which ping );

However this will permit the user to change the preload and flood. Which could result in a USER being able to Denial Of Service either your local machine or another machine or your network.

I tried what @nabil-bourenane suggested, reinstalling iputils-ping which resolved the issue for me and doesn't have the SUID bit set. 

username@server:~$ ls -l $( which ping );
-rwxr-xr-x 1 root root 44104 Nov  8  2014 /bin/ping

If the SUID bit is set it will look like

username@server:~$ ls -l $( which ping );
-rwsr-xr-x 1 root root 44104 Nov  8  2014 /bin/ping

Solution 2:

The solution is to set Linux System Capabilites to allow raw socket on the host machine.

Since this is a very v-server specific problem, the solution is to create a single-lined file named /etc/vservers/VMNAME/bcapabilities:

NET_RAW

and reboot VM.

Related

Are Ansible handlers defined in roles ran after the entire playbook or the role?
DHCP Options for Network Time Server
What is a SQL Server instance?
Synchronizing very large folder structures
How to edit command completion for ssh on zsh?
Best permissions/ownership for apache document root
CentOS ifcfg-eth0 config file deleted. Utility to recreate it?
Should I use bios "Advanced ECC" in Dell PowerEdge R710 Bios with ECC DIMMs?
Getting disconnected from OpenVPN server each hour
Set DNS host name for managed service account?
How can I use https with AWS Cloudfront without paying $600 to upload my cert?
Should I avoid putting two SSDs in a RAID1 configuration due to performance degradation?