summaryrefslogtreecommitdiffstats
path: root/ansible/roles/gsm-tester
diff options
context:
space:
mode:
authorPau Espin Pedrol <pespin@sysmocom.de>2018-10-26 14:21:45 +0200
committerPau Espin Pedrol <pespin@sysmocom.de>2018-10-26 19:25:53 +0000
commitcee37b80040ad4847f030f88f37df1312a5d7638 (patch)
tree0f4458b04b9af880fb17af033b277a25915184fc /ansible/roles/gsm-tester
parent6fdb3ef090d8d29236369476b47feee0cdcc3024 (diff)
ansible: ogt: Deploy osmo-gsm-tester_netns_exec.sh
Diffstat (limited to 'ansible/roles/gsm-tester')
-rwxr-xr-xansible/roles/gsm-tester/files/osmo-gsm-tester_netns_exec.sh5
-rw-r--r--ansible/roles/gsm-tester/tasks/main.yml13
2 files changed, 18 insertions, 0 deletions
diff --git a/ansible/roles/gsm-tester/files/osmo-gsm-tester_netns_exec.sh b/ansible/roles/gsm-tester/files/osmo-gsm-tester_netns_exec.sh
new file mode 100755
index 0000000..336b746
--- /dev/null
+++ b/ansible/roles/gsm-tester/files/osmo-gsm-tester_netns_exec.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+netns="$1"
+shift
+#TODO: Later on I may want to call myself with specific ENV and calling sudo in order to run inside the netns but with dropped privileges
+ip netns exec $netns "$@"
diff --git a/ansible/roles/gsm-tester/tasks/main.yml b/ansible/roles/gsm-tester/tasks/main.yml
index 61db8e9..4f57b17 100644
--- a/ansible/roles/gsm-tester/tasks/main.yml
+++ b/ansible/roles/gsm-tester/tasks/main.yml
@@ -237,6 +237,19 @@
dest: /etc/sudoers.d/osmo-gsm-tester_setcap_net_admin
mode: 0440
+- name: create a wrapper script to run processes on modem netns
+ copy:
+ src: osmo-gsm-tester_netns_exec.sh
+ dest: /usr/local/bin/osmo-gsm-tester_netns_exec.sh
+ mode: 755
+
+- name: allow osmo-gsm-tester sudo osmo-gsm-tester_netns_exec.sh
+ copy:
+ content: |
+ %osmo-gsm-tester ALL=(root) NOPASSWD: /usr/local/bin/osmo-gsm-tester_netns_exec.sh
+ dest: /etc/sudoers.d/osmo-gsm-tester_netns_exec
+ mode: 0440
+
- name: logrotate limit filesizes to 10M
copy:
content: "maxsize 10M"