Pivotal Knowledge Base

Follow

Linux ping command fails with "icmp open socket: Operation not permitted"

Environment

Product Version
Pivotal HD All versions

Symptom

During the Pivotal Hadoop deployment, Installation and Configuration Manager (ICM) scans all the hosts to verify if they meet the required prerequisites, and may report an error message stating "Admin hosts not reachable from the host" if cluster node cannot ping admin node successfully.

Scanhost output snippet:

Host: hdm4.pivotal.com
Status: [FAILED]
           [OK]: OS version is correct
           ......
           ......
          [FAILED]: Admin host is not reachable from host

Resolution

Troubleshoot:
- Identify the hostname from which admin node is not reachable.
Ex: hdm4.pivotal.com
- Login to that node as gpadmin and perform a ping test to check connectivity to admin node.

[gpadmin@admin] ssh hdm4.pivotal.com
[gpadmin@hdm4] ping -c 1 admin.pivotal.com

Some common causes:

1) /etc/hosts or DNS file cannot resolve the host
2) ping operation fails with below error:

[gpadmin@hdm4] ping -c 1 admin.pivotal.com 
ping: icmp open socket: Operation not permitted

You may see such an error if setuid bit (s) is not set on /bin/ping command.
Verify using:
[INCORRECT]
ls -al /bin/ping
-rwxr-xr-x 1 root root 40760 May 20 2011 /bin/ping
[CORRECT]
[root@pccadmin ~]# chmod 4755 /bin/ping
[root@pccadmin ~]# ls -tlr /bin/ping
-rwsr-xr-x. 1 root root 40760 Jul 18 2011 /bin/ping

where: s instead of x in the owner permissions means that the setuid is enabled, so this file will be executed with root permissions by all users.

Additional Information

Pivotal internal employee reference: HD-9896

 

Comments

Powered by Zendesk