RESOLVED: Sudden “operation not permitted”
- Date: Wed, 17 Apr 2019 23:57:27 +0900
- From: Mark Fletcher <mark27q1@xxxxxxxxx>
- Subject: RESOLVED: Sudden “operation not permitted”
On Wed, Apr 17, 2019 at 11:17:04AM +0300, Reco wrote:
> On Wed, Apr 17, 2019 at 03:25:39PM +0900, Mark Fletcher wrote:
> > I decided to try a reboot, which cleared the upowerd problem and returned
> > load to 0 or close to it. But now, network activity is not working.
> Seems like a coincidence to me.
You were right -- see below
> > Any attempt to ping an IP address (eg my router) results in “Operation not
> > permitted” even when run as root.
> This. About the only known (for me, at least) way to achieve this is to
> send back ICMP Type 3 (Destination Unreachable) Code 9 or 10
> (network/host administratively prohibited).
> It *could* be a SELinux or Apparmor misconfiguration, of course, but
> we'll deal with it later.
> The main question is, who sends ICMP back to your host.
No one -- as it turns out. The cause turned out to be that recent
changes I had made to this machine to support making its MTA available
to my VPN introduced a buggy iptables startup script which left my
iptables settings in a stupid state on boot (blocking EVERYTHING). I'd
never have thought of that if you hadn't asked me for the output of
iptables-save. Soon as my eye landed on "iptables" I was like,
Fixing the bug in the startup script and rebooting (to make sure it will
work next time) -- all is now well. No hardware fault, I'm very pleased
I don't know what caused upowerd to go nuts and probably never will, but
right now I'm just happy my machine is back up and running properly.