Description of problem:
Attempting to ping from an overcloud node when SSHed in as the heat-admin user results in a "Operation not permitted" error:
[stack@director pilot]$ ssh heat-admin.120.29
[heat-admin@r13-controller-0 ~]$ ping 192.168.120.24
ping: socket: Operation not permitted
Version-Release number of selected component (if applicable):
[stack@director pilot]$ rpm -qa | grep -i rhosp-director-images
rhosp-director-images-10.0-20170727.1.el7ost.noarch
rhosp-director-images-ipa-10.0-20170727.1.el7ost.noarch
How reproducible:
Install OSP10 with the latest bits and deploy the overcloud. ssh into an overcloud node as heat-admin. Try to ping another overcloud node. Note the error.
Steps to Reproduce:
1. See above.
Actual results:
ping: socket: Operation not permitted
Expected results:
Ping should work.
Additional info:
Ping works when run as root:
[stack@director pilot]$ ssh heat-admin.120.29
[heat-admin@r13-controller-0 ~]$ ping 192.168.120.24
ping: socket: Operation not permitted
[heat-admin@r13-controller-0 ~]$ sudo ping 192.168.120.24
PING 192.168.120.24 (192.168.120.24) 56(84) bytes of data.
64 bytes from 192.168.120.24: icmp_seq=1 ttl=64 time=0.183 ms
64 bytes from 192.168.120.24: icmp_seq=2 ttl=64 time=0.210 ms
^C
--- 192.168.120.24 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.183/0.196/0.210/0.019 ms
Bug 1475871 is also this one, the workaround was to run setcap on ping.
$ sudo setcap 'cap_net_admin,cap_net_raw+ep' /usr/bin/ping
It was related to 7.4 images but I'm not seeing anything released.
Closing this one, as it's really a duplicate of 1475871.
Therefore, the bug was fixed and closed.
*** This bug has been marked as a duplicate of bug 1475871 ***