[Xymon] xymon & fping

[Root, Paul T]

You should only need to set the sticky bit for the user.

Using the method below, your xymon user would need to be in the group that owns fping. You show it as zzzzzzzzz.

What these commands would do is disallow anyone not in the group from using the command at all. And it would give the user root permissions to resources, i.e. the raw socket, to the user.

From: Xymon <xymon-bounces at xymon.com> On Behalf Of Frank M. Ramaekers
Sent: Wednesday, December 12, 2018 10:13 AM
To: xymon at xymon.com
Subject: [Xymon] xymon & fping

[xymon at xxxxxxxx ~]$ fping yyyyyyyy
fping: can't create raw socket (must run as root?) : Operation not permitted
[xymon at xxxxxxxx ~]$ ls -lh /usr/local/sbin/fping
-rwxr-xr-x. 1 root root 87K Jul 24 12:28 /usr/local/sbin/fping

What should I do to correct this (best solution)?

Found this, but not sure it applies to xymon:

chown root:zzzzzzzz /usr/sbin/fping


chmod 710 /usr/sbin/fping



chmod ug+s /usr/sbin/fping



Frank M. Ramaekers Jr.


________________________________
This message contains information which is privileged and confidential and is solely for the use of the intended recipient. If you are not the intended recipient, be aware that any review, disclosure, copying, distribution, or use of the contents of this message is strictly prohibited. If you have received this in error, please destroy it immediately and notify us at PrivacyAct at torchmarkcorp.com<mailto:PrivacyAct at torchmarkcorp.com>.
This communication is the property of CenturyLink and may contain confidential or privileged information. Unauthorized use of this communication is strictly prohibited and may be unlawful. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy all copies of the communication and any attachments.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20181212/5f7be0c6/attachment.html>