From 3bd04d1253cfcbd8b64795266eca42c1e5a48657 Mon Sep 17 00:00:00 2001
From: Christian Helmuth <christian.helmuth@genode-labs.com>
Date: Mon, 3 Jun 2024 11:07:35 +0200
Subject: [PATCH] Check nping permissions in nic_router_ipv4_fragm.run

---
 repos/libports/run/nic_router_ipv4_fragm.run | 21 ++++++++------------
 1 file changed, 8 insertions(+), 13 deletions(-)

diff --git a/repos/libports/run/nic_router_ipv4_fragm.run b/repos/libports/run/nic_router_ipv4_fragm.run
index d3a6b5becf..e69d8fbe20 100644
--- a/repos/libports/run/nic_router_ipv4_fragm.run
+++ b/repos/libports/run/nic_router_ipv4_fragm.run
@@ -27,18 +27,13 @@ if {![have_board linux]} {
 	exit 0
 }
 
-set nping_missing [catch {
-	spawn nping --version
-	expect {
-		{Nping version}  { }
-		eof { return }
-		timeout { return }
-	}
-}]
+set nping  [installed_command nping]
+set setcap [installed_command setcap]
 
-if {$nping_missing} {
-	puts "\nPlease install 'nping' and try again\n"
-	exit 1;
+if {[catch { exec $setcap -v cap_net_raw+ep $nping }]} {
+	puts "Ensure nping is permitted to run UDP mode as user."
+	puts "  sudo setcap cap_net_raw=+ep $nping"
+	exit 1
 }
 
 create_boot_directory
@@ -151,14 +146,14 @@ run_genode_until {.*lwIP Nic interface up.*\n} 30
 set genode_id [output_spawn_id]
 
 # ping server without ipv4 fragmentation (should succeed)
-spawn nping -c 1 --privileged --udp --data-length 160 --mtu 800 -p 8000 10.0.2.55
+spawn $nping -c 1 --privileged --udp --data-length 160 --mtu 800 -p 8000 10.0.2.55
 set pattern_string ""
 append pattern_string {.*RCVD .* UDP 10\.0\.2\.55:8000 > 10\.0\.2\.1:53 .*\n}
 append pattern_string {.*Raw packets sent: 1 (188B) | Rcvd: 1 (188B) | Lost: 0.*\n}
 run_genode_until $pattern_string 30 $spawn_id
 
 # ping server with ipv4 fragmentation (should fail)
-spawn nping -c 1 --privileged --udp --data-length 1600 --mtu 800 -p 8000 10.0.2.55
+spawn $nping -c 1 --privileged --udp --data-length 1600 --mtu 800 -p 8000 10.0.2.55
 set pattern_string ""
 append pattern_string {.*RCVD .* ICMP .*10\.0\.2\.55 > 10\.0\.2\.1 Fragmentation required.*\n}
 append pattern_string {.*RCVD .* ICMP .*10\.0\.2\.55 > 10\.0\.2\.1 Fragmentation required.*\n}