As a follow on to this previous post. There was never a final answer for Rocky 9.x fping issues. Here is what I did (building off of the work of @underscoredje )
setcap cap_net_raw+ep /usr/sbin/fping
didn’t work for me.
I was getting the following error in the web UI:
FAIL: /usr/sbin/fping could not be executed. /usr/sbin/fping must have CAP_NET_RAW capability (getcap) or suid. Selinux exclusions may be required. (/usr/sbin/fping: cannot bind source address : Permission denied)
Create a file called http_fping.tt anywhere. It does not matter where. Installing this happens next.
I did this in my root home folder as you most run the following commands as root.
Contents of http_fping.tt are:
module http_fping 1.0;
require {
type node_t;
type httpd_t;
class capability net_raw;
class icmp_socket create;
class rawip_socket { getopt create setopt write read bind node_bind};
}
#============= httpd_t ==============
allow httpd_t node_t:rawip_socket node_bind;
allow httpd_t self:capability net_raw;
allow httpd_t self:icmp_socket create;
allow httpd_t self:rawip_socket { getopt create setopt write read bind};
Then run the following commands as root:
checkmodule -M -m -o http_fping.mod http_fping.tt
semodule_package -o http_fping.pp -m http_fping.mod
semodule -i http_fping.pp
Once this completed, I re-ran the validation in Libre NMS web UI.