Hello again!
I'm trying to run /usr/lib64/nagios/plugins/check_icmp in a rootless container
and I get the following error:
check_icmp: Failed to obtain ICMP socket: Operation not permitted
check_icmp permissions are as follows:
-rwsr-x--- 1 root nagios 75800 Apr 2 2021 /usr/lib64/nagios/plugins/check_icmp
I am running it as root (container's root of course)
ping localhost and /usr/lib64/nagios/plugins/check_ping -H localhost
work without problems.
/bin/ping is *not* suid, but has caps cap_net_admin,cap_net_raw+p set.
/usr/lib64/nagios/plugins/check_icmp is setuid root and had no capabilities set.
OK, I removed the suid bit from it and set the same caps as for ping:
-rwxr-x--- 1 root nagios 75800 Apr 2 2021 /usr/lib64/nagios/plugins/check_icmp
/usr/lib64/nagios/plugins/check_icmp = cap_net_admin,cap_net_raw+p
When I run it I still get the same error.
In which direction should I dig?
Best regards,
--
\ / | |
(OvO) | Михаил Иванов |
(^^^) | |
\^/ | E-mail: ivans(a)isle.spb.ru |
^ ^ | |