+ Raw sockets can only be opened by root (or setuid root), so we
+ only try to do this when the effective uid is 0.
+
+ We used to just always try, and notice the failure. But apparently
+ that causes "SELinux" to log spurious warnings when running with the
+ "strict" policy. So to avoid that, we just don't try unless we
+ know it will work.
+ */
+ if (geteuid() == 0 &&
+ (pi->icmpsock = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP)) >= 0) {