This is a hardened kernel , where I do get : WARN: postinst Could not set caps on '/bin/ping' due to missing filesystem support: * enable XATTR support for 'ext2/ext3' in your kernel (if configurable) * mount the fs with the user_xattr option (if not the default) * enable the relevant FS_SECURITY option (if configurable) Could not set caps on '/bin/ping6' due to missing filesystem support: * enable XATTR support for 'ext2/ext3' in your kernel (if configurable) * mount the fs with the user_xattr option (if not the default) * enable the relevant FS_SECURITY option (if configurable) but OTOH I do have : ms-magpie linux # zgrep FS /proc/config.gz | grep -v '#' CONFIG_INITRAMFS_SOURCE="" CONFIG_SYSFS_SYSCALL=y CONFIG_RANDOMIZE_BASE_MAX_OFFSET=0x40000000 CONFIG_RFS_ACCEL=y CONFIG_DEVTMPFS=y CONFIG_DEVTMPFS_MOUNT=y CONFIG_SCSI_PROC_FS=y CONFIG_EDAC_LEGACY_SYSFS=y CONFIG_RTC_INTF_SYSFS=y CONFIG_DMI_SYSFS=y CONFIG_EXT4_FS=y CONFIG_EXT4_FS_POSIX_ACL=y CONFIG_FS_MBCACHE=y CONFIG_BTRFS_FS=y CONFIG_BTRFS_FS_POSIX_ACL=y CONFIG_FS_POSIX_ACL=y CONFIG_EXPORTFS=y CONFIG_FSNOTIFY=y CONFIG_PROC_FS=y CONFIG_KERNFS=y CONFIG_SYSFS=y CONFIG_TMPFS=y CONFIG_TMPFS_POSIX_ACL=y CONFIG_TMPFS_XATTR=y CONFIG_GRKERNSEC_SYSFS_RESTRICT=y CONFIG_SECURITYFS=y So which kernel options I do miss at 4.5.5-hardened-r1 ? (FWIW at my desktop with BTRFS fs I do not get this error, but I do get this at my server having ext4)
iputils is simply using the fcaps.eclass, and all the output/logic is in there the error message seems pretty clear to me: * enable the relevant FS_SECURITY option (if configurable) you didn't enable that option in your kernel. if you run `make menuconfig` and search for it, you'll see the full name is "EXT4_FS_SECURITY".
Maybe this bug is PEBKAC but : It installs fine *today* both at my client and at my server and EXT4_FS_SECURITY is neither set on any of both machines.
