[Not bug] ping command

[iz0eyj]

Hi,
I noticed that some people try Ubunu on Win; the first command issued is "ls", the second one is "ping" then... "ach! this Linux sucks!". :)
Third command, Win side, is "lxrun /uninstall /full".
So, please, consider to give ping rights to all users.

[benhillis]

Thank you for the feedback, this is definitely something that we are working to address in the future.

[Manouchehri]

Without (Windows) administrative privilege

root@DESKTOP-3RQO5S5:~# strace ping 127.0.0.1
execve("/bin/ping", ["ping", "127.0.0.1"], [/* 19 vars */]) = 0
brk(0)                                  = 0xa33000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faef5cd0000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=21298, ...}) = 0
mmap(NULL, 21298, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7faef5cd9000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libcap.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \26\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=18952, ...}) = 0
mmap(NULL, 2114160, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7faef57f0000
mprotect(0x7faef57f4000, 2093056, PROT_NONE) = 0
mmap(0x7faef59f3000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7faef59f3000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P \2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1840928, ...}) = 0
mmap(NULL, 3949248, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7faef5420000
mprotect(0x7faef55da000, 2097152, PROT_NONE) = 0
mmap(0x7faef57da000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1ba000) = 0x7faef57da000
mmap(0x7faef57e0000, 17088, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7faef57e0000
close(3)                                = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faef5cc0000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faef5cb0000
arch_prctl(ARCH_SET_FS, 0x7faef5cb0740) = 0
mprotect(0x7faef57da000, 16384, PROT_READ) = 0
mprotect(0x7faef59f3000, 4096, PROT_READ) = 0
mprotect(0x609000, 4096, PROT_READ)     = 0
mprotect(0x7faef5c22000, 4096, PROT_READ) = 0
munmap(0x7faef5cd9000, 21298)           = 0
brk(0)                                  = 0xa33000
brk(0xa54000)                           = 0xa54000
capget({_LINUX_CAPABILITY_VERSION_3, 0}, NULL) = -1 EFAULT (Bad address)
capget({_LINUX_CAPABILITY_VERSION_3, 0}, {CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_SETPCAP|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_ADMIN|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_MODULE|CAP_SYS_RAWIO|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_PACCT|CAP_SYS_ADMIN|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TIME|CAP_SYS_TTY_CONFIG|CAP_MKNOD|CAP_LEASE|CAP_AUDIT_WRITE|CAP_AUDIT_CONTROL|CAP_SETFCAP, CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_SETPCAP|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_ADMIN|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_MODULE|CAP_SYS_RAWIO|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_PACCT|CAP_SYS_ADMIN|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TIME|CAP_SYS_TTY_CONFIG|CAP_MKNOD|CAP_LEASE|CAP_AUDIT_WRITE|CAP_AUDIT_CONTROL|CAP_SETFCAP, 0}) = 0
capget({_LINUX_CAPABILITY_VERSION_3, 0}, NULL) = -1 EFAULT (Bad address)
capset({_LINUX_CAPABILITY_VERSION_3, 0}, {0, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0
prctl(PR_SET_KEEPCAPS, 1)               = 0
getuid()                                = 0
setuid(0)                               = 0
prctl(PR_SET_KEEPCAPS, 0)               = 0
getuid()                                = 0
geteuid()                               = 0
capget({_LINUX_CAPABILITY_VERSION_3, 0}, NULL) = -1 EFAULT (Bad address)
capget({_LINUX_CAPABILITY_VERSION_3, 0}, {0, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0
capset({_LINUX_CAPABILITY_VERSION_3, 0}, {CAP_NET_RAW, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_ICMP) = -1 EACCES (Permission denied)
capget({_LINUX_CAPABILITY_VERSION_3, 0}, NULL) = -1 EFAULT (Bad address)
capget({_LINUX_CAPABILITY_VERSION_3, 0}, {CAP_NET_RAW, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0
capset({_LINUX_CAPABILITY_VERSION_3, 0}, {0, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 3
connect(3, {sa_family=AF_INET, sin_port=htons(1025), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
getsockname(3, {sa_family=AF_INET, sin_port=htons(60556), sin_addr=inet_addr("127.0.0.1")}, [16]) = 0
close(3)                                = 0
dup(2)                                  = 3
fcntl(3, F_GETFL)                       = 0x2 (flags O_RDWR)
fstat(3, {st_mode=S_IFCHR|0600, st_rdev=makedev(4, 1), ...}) = 0
ioctl(3, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7faef5ca0000
lseek(3, 0, SEEK_CUR)                   = -1 ESPIPE (Illegal seek)
write(3, "ping: icmp open socket: Permissi"..., 42ping: icmp open socket: Permission denied
) = 42
close(3)                                = 0
munmap(0x7faef5ca0000, 4096)            = 0
exit_group(2)                           = ?
+++ exited with 2 +++

With (Windows) administrative privilege

ubuntu@DESKTOP-3RQO5S5:~$ sudo strace ping 127.0.0.1 -c1
sudo: unable to resolve host DESKTOP-3RQO5S5
execve("/bin/ping", ["ping", "127.0.0.1", "-c1"], [/* 14 vars */]) = 0
brk(0)                                  = 0x1ba5000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8532b50000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=21298, ...}) = 0
mmap(NULL, 21298, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f8532b4a000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libcap.so.2", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 \26\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0644, st_size=18952, ...}) = 0
mmap(NULL, 2114160, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f85325f0000
mprotect(0x7f85325f4000, 2093056, PROT_NONE) = 0
mmap(0x7f85327f3000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f85327f3000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P \2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1840928, ...}) = 0
mmap(NULL, 3949248, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f8532220000
mprotect(0x7f85323da000, 2097152, PROT_NONE) = 0
mmap(0x7f85325da000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1ba000) = 0x7f85325da000
mmap(0x7f85325e0000, 17088, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f85325e0000
close(3)                                = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8532b40000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8532b30000
arch_prctl(ARCH_SET_FS, 0x7f8532b30740) = 0
mprotect(0x7f85325da000, 16384, PROT_READ) = 0
mprotect(0x7f85327f3000, 4096, PROT_READ) = 0
mprotect(0x609000, 4096, PROT_READ)     = 0
mprotect(0x7f8532a22000, 4096, PROT_READ) = 0
munmap(0x7f8532b4a000, 21298)           = 0
brk(0)                                  = 0x1ba5000
brk(0x1bc6000)                          = 0x1bc6000
capget({_LINUX_CAPABILITY_VERSION_3, 0}, NULL) = -1 EFAULT (Bad address)
capget({_LINUX_CAPABILITY_VERSION_3, 0}, {CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_SETPCAP|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_ADMIN|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_MODULE|CAP_SYS_RAWIO|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_PACCT|CAP_SYS_ADMIN|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TIME|CAP_SYS_TTY_CONFIG|CAP_MKNOD|CAP_LEASE|CAP_AUDIT_WRITE|CAP_AUDIT_CONTROL|CAP_SETFCAP, CAP_CHOWN|CAP_DAC_OVERRIDE|CAP_DAC_READ_SEARCH|CAP_FOWNER|CAP_FSETID|CAP_KILL|CAP_SETGID|CAP_SETUID|CAP_SETPCAP|CAP_LINUX_IMMUTABLE|CAP_NET_BIND_SERVICE|CAP_NET_BROADCAST|CAP_NET_ADMIN|CAP_NET_RAW|CAP_IPC_LOCK|CAP_IPC_OWNER|CAP_SYS_MODULE|CAP_SYS_RAWIO|CAP_SYS_CHROOT|CAP_SYS_PTRACE|CAP_SYS_PACCT|CAP_SYS_ADMIN|CAP_SYS_BOOT|CAP_SYS_NICE|CAP_SYS_RESOURCE|CAP_SYS_TIME|CAP_SYS_TTY_CONFIG|CAP_MKNOD|CAP_LEASE|CAP_AUDIT_WRITE|CAP_AUDIT_CONTROL|CAP_SETFCAP, 0}) = 0
capget({_LINUX_CAPABILITY_VERSION_3, 0}, NULL) = -1 EFAULT (Bad address)
capset({_LINUX_CAPABILITY_VERSION_3, 0}, {0, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0
prctl(PR_SET_KEEPCAPS, 1)               = 0
getuid()                                = 0
setuid(0)                               = 0
prctl(PR_SET_KEEPCAPS, 0)               = 0
getuid()                                = 0
geteuid()                               = 0
capget({_LINUX_CAPABILITY_VERSION_3, 0}, NULL) = -1 EFAULT (Bad address)
capget({_LINUX_CAPABILITY_VERSION_3, 0}, {0, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0
capset({_LINUX_CAPABILITY_VERSION_3, 0}, {CAP_NET_RAW, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0
socket(PF_INET, SOCK_RAW, IPPROTO_ICMP) = 3
capget({_LINUX_CAPABILITY_VERSION_3, 0}, NULL) = -1 EFAULT (Bad address)
capget({_LINUX_CAPABILITY_VERSION_3, 0}, {CAP_NET_RAW, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0
capset({_LINUX_CAPABILITY_VERSION_3, 0}, {0, CAP_NET_ADMIN|CAP_NET_RAW, 0}) = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
connect(4, {sa_family=AF_INET, sin_port=htons(1025), sin_addr=inet_addr("127.0.0.1")}, 16) = 0
getsockname(4, {sa_family=AF_INET, sin_port=htons(65028), sin_addr=inet_addr("127.0.0.1")}, [16]) = 0
close(4)                                = 0
setsockopt(3, SOL_RAW, ICMP_FILTER, ~(ICMP_ECHOREPLY|ICMP_DEST_UNREACH|ICMP_SOURCE_QUENCH|ICMP_REDIRECT|ICMP_TIME_EXCEEDED|ICMP_PARAMETERPROB), 4) = 0
setsockopt(3, SOL_IP, IP_RECVERR, [1], 4) = 0
setsockopt(3, SOL_SOCKET, SO_SNDBUF, [324], 4) = 0
setsockopt(3, SOL_SOCKET, SO_RCVBUF, [65536], 4) = 0
getsockopt(3, SOL_SOCKET, SO_RCVBUF, [131072], [4]) = 0
fstat(1, {st_mode=S_IFCHR|0600, st_rdev=makedev(4, 2), ...}) = 0
ioctl(1, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f8532b20000
write(1, "PING 127.0.0.1 (127.0.0.1) 56(84"..., 49PING 127.0.0.1 (127.0.0.1) 56(84) bytes of data.
) = 49
setsockopt(3, SOL_SOCKET, SO_TIMESTAMP, [1], 4) = 0
setsockopt(3, SOL_SOCKET, SO_SNDTIMEO, "\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 16) = 0
setsockopt(3, SOL_SOCKET, SO_RCVTIMEO, "\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 16) = 0
getpid()                                = 1538
rt_sigaction(SIGINT, {0x4043c0, [], SA_RESTORER|SA_INTERRUPT, 0x7f8532256cb0}, NULL, 8) = 0
rt_sigaction(SIGALRM, {0x4043c0, [], SA_RESTORER|SA_INTERRUPT, 0x7f8532256cb0}, NULL, 8) = 0
rt_sigaction(SIGQUIT, {0x4043b0, [], SA_RESTORER|SA_INTERRUPT, 0x7f8532256cb0}, NULL, 8) = 0
rt_sigprocmask(SIG_SETMASK, [], NULL, 8) = 0
gettimeofday({1466692280, 42678}, NULL) = 0
ioctl(1, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(1, TIOCGWINSZ, {ws_row=78, ws_col=269, ws_xpixel=0, ws_ypixel=0}) = 0
gettimeofday({1466692280, 42678}, NULL) = 0
gettimeofday({1466692280, 42678}, NULL) = 0
sendmsg(3, {msg_name(16)={sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("127.0.0.1")}, msg_iov(1)=[{"\10\0X9\6\2\0\1\270\362kW\0\0\0\0\266\246\0\0\0\0\0\0\20\21\22\23\24\25\26\27"..., 64}], msg_controllen=0, msg_flags=0}, 0) = 64
setitimer(ITIMER_REAL, {it_interval={0, 0}, it_value={10, 0}}, NULL) = 0
recvmsg(3, {msg_name(16)={sa_family=AF_INET, sin_port=htons(0), sin_addr=inet_addr("127.0.0.1")}, msg_iov(1)=[{"E\0\0TF\336\0\0\200\1\0\0\177\0\0\1\177\0\0\1\0\0`9\6\2\0\1\270\362kW"..., 192}], msg_controllen=32, {cmsg_len=32, cmsg_level=SOL_SOCKET, cmsg_type=0x1d /* SCM_??? */, ...}, msg_flags=0}, 0) = 84
write(1, "64 bytes from 127.0.0.1: icmp_se"..., 5864 bytes from 127.0.0.1: icmp_seq=1 ttl=128 time=0.000 ms
) = 58
write(1, "\n", 1
)                       = 1
write(1, "--- 127.0.0.1 ping statistics --"..., 34--- 127.0.0.1 ping statistics ---
) = 34
write(1, "1 packets transmitted, 1 receive"..., 601 packets transmitted, 1 received, 0% packet loss, time 0ms
) = 60
write(1, "rtt min/avg/max/mdev = 0.000/0.0"..., 50rtt min/avg/max/mdev = 0.000/0.000/0.000/0.000 ms
) = 50
exit_group(0)                           = ?
+++ exited with 0 +++

[Manouchehri]

Notice how without administrative privileges, we're unable to use ICMP.

socket(PF_INET, SOCK_RAW, IPPROTO_ICMP) = -1 EACCES (Permission denied)

With administrative privileges, we can.

socket(PF_INET, SOCK_RAW, IPPROTO_ICMP) = 3

[Manouchehri]

Related: #469, #63, #18.

[benhillis]

@Manouchehri you are correct, ping is currently only available if you run bash as an elevated user.

[Manouchehri]

This should probably be explained to the user during install time that root ≠ administrative privileges.

[bbulkow]

So then how to you get lxrun as admin? When I try the normal way ( left click and "run as admin" ) the command prompt pops up then vanishes without a trace.

Most normal developers expect 'ping' to work.... I understand all the reasons here, but if the first experience is "basic tooling is broken".... this feature will not take off as microsoft hops.

[rodrymbo]

It's not lxrun that needs elevation as much as bash.exe.

Just let lxrun do its thing, wait for the Bash icon to appear (start menu, usually). Remember lxrun is a console app, you need to run it from a CMD prompt with the correct parameters. Right click on the Bash icon in Start Menu once it appears and choose More, then Run As Admin. (Yes, if WSL is not installed, Bash.exe will start doing the install, apparently the same as lxrun, but the install is not where you need manual elevation in order to run ping.)

A couple of minor or mitigating points:

• Since Windows handles all the networking for WSL except DNS resolution, if Ping works in Windows, you can probably count on it working in WSL. So the only time you need to elevate Bash.exe and use Ping is if you are pretty sure something is not working.
• Ping (icmp) is the only "normal" networking function that needs elevating at present. In other words, there is no need to run Bash.exe elevated all the time
• WSL's traceroute (once it is installed) has the same issue as ping, I believe
• The first thing to check when something is not working is DNS, since Windows does not do DNS for WSL. Sometimes names not resolving looks like a network failure, when in fact it would work fine if the hostname resolved to a usable IP address. As far as I know dig and host work fine in WSL. Nslookup should look the same on the WSL side as it does on the Windows side, including the Server it uses.
• I've seen indications that the difference in functionality between Windows and WSL is sometimes a preference for IPv6 in one that is different on the other. Not 100%, more like a hunch.
• Another apparent networking issue has to do with firewall/AV. Third-party firewalls don't (yet) recognize WSL processes and tend to block them, frequently without even a notification.

And yes, I agree it should be listed as one of the beta-problems for people trying to install.

[bbulkow]

Thanks for the reply!

Yes, I realized after I wrote this that it's not LXRUN, it's BASH.EXE.... beginner's error.... then I couldn't find the issue to update it :-) .... good catch, thanks.

Regarding that "you don't need to run bash.exe elevated all the time", I only sort of agree. "ping" is a key bit of functionality, I can't retrain my fingers to do traceroute - heck, if I could retrain my fingers I would have learned PowerShell a long time ago - and unless you are sure that every script is not using any form of ping to do health checks, and you're never going to use ping yourself, then you can run standard.... but I use ping all the time. It was the first thing I tried ( after ls -l :-) )

So, for me, the answer is "run elevated 100% of the time". After all, I am a developer, and I am protected by 'sudo' for some awful stuff I might do. So that's cool.

As the daleks say, "elevate! ELEVATE!!!"

[rodrymbo]

Well, I did say it was a mitigation not a final solution to the problem.

And check your assumptions about sudo. When you run Bash.exe elevated, everything you do (whether sudo'd or not) is elevated. That means you can do all sorts of damage with just your normal user. Likewise, if you are not running Bash.exe elevated, you can use sudo to do maintenance on the WSL environment (like update software) but can't affect things in Windows that require elevation.

Anyway, here's hoping the Devs figure out a way to get ICMP (both ping and traceroute) working without elevation, for just the kinds of issues you describe.

[sunilmut]

Starting build 14926, thanks to the Windows networking team, admin is no longer a requirement for ping. ping6 also works in this build.

[aseering]

Thanks @sunilmut and thanks to the Windows networking team for adding this feature! I just tried it and am happy to confirm that it's working. (Both ping and ping6 -- the former covers a lot of use cases; the latter is some very nice icing on the cake :-) )

[sunilmut]

Thanks @aseering for confirming! Closing it out.

[SpoonOfDoom]

More than 6 months after this was closed, I am experiencing the original problem - I can only ping if I run bash as admin. Is there something I need to set manually for this to work? I am current with Windows updates as well as Ubuntu upgrades inside bash.

[aseering]

@SpoonOfDoom -- what Windows build are you using? (Type ver at a Windows command prompt.)

Issues here are closed when they are resolved in Windows Insider builds. It can take the better part of a year for fixes to make it from Insider Windows Update to regular Windows Update. In this particular case, this fix is scheduled to hit regular Windows Update next Tuesday.

[benhillis]

@aseering - Most changes in Insider builds are not backported to the previous version of Windows, you'll need to install the new version of Windows (Creator's Update).

[SpoonOfDoom]

@aseering I'm using build 10.0.14393. I wasn't aware that it takes that long for a fix to make it into regular versions. I guess I'm just gonna have to be patient then :)

[zhuran0822]

Hi Guys,

Sorry for trouble you, but I found a ping issue in my "bash on windows", and I have try to fix it but all failed.

root@CNSHZ-EL-000109:~# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.3 LTS
Release: 16.04
Codename: xenial

1.set root group
root@CNSHZ-EL-000109:# usermod -a -G root zran
root@CNSHZ-EL-000109:# ping 127.0.0.1
ping: icmp open socket: Permission denied

2.modify sudoers
root@CNSHZ-EL-000109:# vim /etc/sudoers
zran ALL=(ALL:ALL) ALL
root@CNSHZ-EL-000109:# ping 127.0.0.1
ping: icmp open socket: Permission denied

3.try su root
root@CNSHZ-EL-000109:# su
root@CNSHZ-EL-000109:# ping 127.0.0.1
ping: icmp open socket: Permission denied

4.try root login

lxrun /setdefaultuser root
root@CNSHZ-EL-000109:~# ping 127.0.0.1
ping: icmp open socket: Permission denied

Who can tell me why or how to fix it?
PS: Sorry for my english.

Best Regards,
Bruce

[aseering]

Hi @zhuran0822 -- can you include what version of Windows you are using? (Not the Linux version, the Windows version. Open up a Windows Command Prompt and type ver.)

[sunilmut]

@aseering - I bet he is running Anniversary Update build 14393.

@zhuran0822 - This issue was resolved way back in the 14926 build. If you update to Fall Creators Update, your issue will be resolved. There are also tons of other improvements in Fall update.

[zhuran0822]

Hi ASEERING & sunilmut,

Sorry for report late...
M:>ver.
Microsoft Windows [Version 10.0.14393]

Yes, my windows version is 14393, and I will try to upgrade my windows, thank you!

Best Regards,
Bruce Zhu