Exercise 41.2: Exploring apparmor security - issue with SETCAP
Hello,
I have run into an issue that I do not know how to resolve and I do not understand what causes it.
For the labs I am using quite an old laptop - BIOS dated 2010.
OS is UBUNTU 18.04.4 LTS (Bionic Beaver)"
Kernel: 5.3.0-53-generic
Every time I run the command:
****sudo setcap cap_net_raw+ep /bin/ping-test****
I get the following error:
fatal error: Invalid argument
usage: setcap [-q] [-v] (-r|-|) [ ... (-r|-|) ]
** Note must be a regular (non-symlink) file.**
I have checked and the file to which I am trying to assign the capabilities is a regular file
****stat /bin/ping-test
File: /bin/ping-test
Size: 64424 Blocks: 128 IO Block: 4096 regular file
Device: Inode: 916005 Links: 1
I have tried setcap command with other files and the same error is being displayed.
I have googled the issue and even though there are few people reporting this error no solution is provided.
One of the advice I found (dated 2012) was to compile the capabilities into the kernel - however it was not shown how to do it.
I have check ext4 file system and extended attributes are enabled.
I have no idea what else can be checked to make this command work.
I have also tried the same command on a newer machine with the same Ubuntu version and the same kernel.
It has worked seamlessly.
Both machines show that /sbin/setcap comes from libcap2-bin: /sbin/setcap
Could there be any hardware limitation? Any ideas?
Thank you,
Categories
- All Categories
- 176 LFX Mentorship
- 176 LFX Mentorship: Linux Kernel
- 750 Linux Foundation IT Professional Programs
- 373 Cloud Engineer IT Professional Program
- 169 Advanced Cloud Engineer IT Professional Program
- 74 DevOps IT Professional Program - Discontinued
- 4 DevOps & GitOps IT Professional Program
- 99 Cloud Native Developer IT Professional Program
- 7.6K Training Courses & Learning Paths
- 1 AI & ML Training
- 1 Blockchain & Decentralized Identity Training
- 3 Cloud & Containers Training
- 1 Cybersecurity Training
- 1 DevOps & Site-Reliability Training
- 1 Linux Kernel Development Training
- 1 Networking Training
- 1 Open Source Best Practice Training
- 1 System Administration Training
- 1 System Engineering Training
- 1 Web & Application Development Training
- 792 Hardware
- 202 Drivers
- 68 I/O Devices
- 37 Monitors
- 95 Multimedia
- 173 Networking
- 91 Printers & Scanners
- 87 Storage
- 768 Linux Distributions
- 81 Debian
- 67 Fedora
- 22 Linux Mint
- 13 Mageia
- 24 openSUSE
- 150 Red Hat Enterprise
- 31 Slackware
- 13 SUSE Enterprise
- 356 Ubuntu
- 465 Linux System Administration
- 31 Cloud Computing
- 73 Command Line/Scripting
- Github systems admin projects
- 98 Linux Security
- 78 Network Management
- 101 System Management
- 46 Web Management
- 106 Mobile Computing
- 18 Android
- 73 Development
- 1.2K New to Linux
- 1K Getting Started with Linux
- 392 Off Topic
- 121 Introductions
- 181 Small Talk
- 29 Study Material
- 949 Programming and Development
- 310 Kernel Development
- 621 Software Development
- 982 Software
- 374 Applications
- 182 Command Line
- 5 Compiling/Installing
- 68 Games
- 317 Installation
- Archived
- 2 LFD140 Class Forum
Upcoming Training
-
August 20, 2018
Kubernetes Administration (LFS458)
-
August 20, 2018
Linux System Administration (LFS301)
-
August 27, 2018
Open Source Virtualization (LFS462)
-
August 27, 2018
Linux Kernel Debugging and Security (LFD440)