[Bug 541] New: bad error mesage when run as not root

bugzilla-daemon at bugzilla.netfilter.org bugzilla-daemon at bugzilla.netfilter.org
Thu Feb 8 04:50:29 CET 2007


           Summary: bad error mesage when run as not root
           Product: iptables
           Version: unspecified
          Platform: i386
        OS/Version: Debian GNU/Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: iptables
        AssignedTo: laforge at netfilter.org
        ReportedBy: netfilter at rothwell.id.au

When iptables is run as a non root user, all sorts of messages are produced that
are pretty much irrelevant:

$ /sbin/iptables -vnL
modprobe: cannot create /var/log/ksymoops/20070208.log Permission denied
modprobe: Can't locate module ip_tables
modprobe: cannot create /var/log/ksymoops/20070208.log Permission denied
iptables v1.3.6: can't initialize iptables table `filter': Permission denied
(you must be root)
Perhaps iptables or your kernel needs to be upgraded.

A simple "you must be root" would probably be better.

Strace shows:

23208 socket(PF_INET, SOCK_RAW, IPPROTO_RAW) = -1 EPERM (Operation not permitted)
23208 open("/proc/sys/kernel/modprobe", O_RDONLY) = 3

So maybe the EPERM should check the euid and bail out if it is not root.  Or the
check could even be done earlier explicitly.

Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the netfilter-buglog mailing list