Same here.

Same here, my workaround is to add the setuid flag to the ping binary:
$ sudo chmod u+s /usr/bin/ping

giving setuid to /usr/bin/ping is a bit outdated, usually, you'd give it the cap_net_raw capability instead (see `man 7 capabilities`)

illustrated by the following on a systemd system:

$ getcap /usr/bin/ping
/usr/bin/ping cap_net_raw=ep

this capability is simply missing on openrc systems.

this is the related upstream issue:
https://bugs.archlinux.org/task/63710

apparently, there was a change to systemd that makes the cap_net_raw capability no longer necessary on systemd. on openrc, of course, it still is very much necessary.

this means we need a nonsystemd/openrc build, or add a news item in the form of 'manual action required on update'

for completeness: the command to restore the capability on an openrc system is:

setcap cap_net_raw=ep /usr/bin/ping

after gathering more info on this, (thanks, elibrokeit) it seems that arch has stopped solving the permission issues inherent to pings use of raw sockets with capabilities, and instead uses a file in /usr/lib/sysctl.d for this, which is provided by systemd.

our openrc provides this file as well (50-default.conf) but seems to be out of sync with the version installed by systemd. In particular, to get ping running correctly, the following line is needed:

-net.ipv4.ping_group_range = 0 2147483647

I would suggest we review the sysctl.d files installed by openrc and bring them up to date.