[Dnsmasq-discuss] Fwd: no-ping
Martin Ivičič
max.enhanced at gmail.com
Mon Feb 19 15:32:50 UTC 2024
Hello,
I might have stumbled upon a minor bug in dnsmasq which causes NET_ADMIN
capability being required even if it's actually not needed (according to
provided command line arguments).
diff --git a/src/dnsmasq.c b/src/dnsmasq.c
index 30fb419..cef42f6 100644
--- a/src/dnsmasq.c
+++ b/src/dnsmasq.c
@@ -313,9 +313,10 @@ int main (int argc, char **argv)
{
dhcp_init();
# ifdef HAVE_LINUX_NETWORK
- if (!option_bool(OPT_NO_PING))
- need_cap_net_raw = 1;
- need_cap_net_admin = 1;
+ if (!option_bool(OPT_NO_PING)) {
+ need_cap_net_raw = 1;
+ need_cap_net_admin = 1;
+ }
# endif
}
Without this patch, with following arguments, dnsmasq ends with "dnsmasq:
process is missing required capability NET_ADMIN"
src/dnsmasq \
--strict-order \
--bind-interfaces \
--interface=br-mgmt \
--listen-address=10.0.0.254 \
--dhcp-range=10.0.0.1,10.0.0.250 \
--dhcp-authoritative \
--no-ping \
--dhcp-broadcast \
--port=0 \
--conf-file= \
--pid-file=/tmp/dnsmasq.pid \
--dhcp-leasefile=/tmp/dnsmasq.leases \
--dhcp-no-override \
--no-daemon
After applying the patch dnsmasq starts and runs fine.
Best regards,
Martin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20240219/68a7723f/attachment.htm>
More information about the Dnsmasq-discuss
mailing list