diff options
Diffstat (limited to 'ansible')
-rwxr-xr-x | ansible/roles/gsm-tester/files/osmo-gsm-tester_netns_exec.sh | 5 | ||||
-rw-r--r-- | ansible/roles/gsm-tester/tasks/main.yml | 13 |
2 files changed, 18 insertions, 0 deletions
diff --git a/ansible/roles/gsm-tester/files/osmo-gsm-tester_netns_exec.sh b/ansible/roles/gsm-tester/files/osmo-gsm-tester_netns_exec.sh new file mode 100755 index 0000000..336b746 --- /dev/null +++ b/ansible/roles/gsm-tester/files/osmo-gsm-tester_netns_exec.sh @@ -0,0 +1,5 @@ +#!/bin/bash +netns="$1" +shift +#TODO: Later on I may want to call myself with specific ENV and calling sudo in order to run inside the netns but with dropped privileges +ip netns exec $netns "$@" diff --git a/ansible/roles/gsm-tester/tasks/main.yml b/ansible/roles/gsm-tester/tasks/main.yml index 61db8e9..4f57b17 100644 --- a/ansible/roles/gsm-tester/tasks/main.yml +++ b/ansible/roles/gsm-tester/tasks/main.yml @@ -237,6 +237,19 @@ dest: /etc/sudoers.d/osmo-gsm-tester_setcap_net_admin mode: 0440 +- name: create a wrapper script to run processes on modem netns + copy: + src: osmo-gsm-tester_netns_exec.sh + dest: /usr/local/bin/osmo-gsm-tester_netns_exec.sh + mode: 755 + +- name: allow osmo-gsm-tester sudo osmo-gsm-tester_netns_exec.sh + copy: + content: | + %osmo-gsm-tester ALL=(root) NOPASSWD: /usr/local/bin/osmo-gsm-tester_netns_exec.sh + dest: /etc/sudoers.d/osmo-gsm-tester_netns_exec + mode: 0440 + - name: logrotate limit filesizes to 10M copy: content: "maxsize 10M" |