aboutsummaryrefslogtreecommitdiffstats
path: root/ansible
diff options
context:
space:
mode:
Diffstat (limited to 'ansible')
-rwxr-xr-xansible/roles/gsm-tester/files/osmo-gsm-tester_netns_exec.sh5
-rw-r--r--ansible/roles/gsm-tester/tasks/main.yml13
2 files changed, 18 insertions, 0 deletions
diff --git a/ansible/roles/gsm-tester/files/osmo-gsm-tester_netns_exec.sh b/ansible/roles/gsm-tester/files/osmo-gsm-tester_netns_exec.sh
new file mode 100755
index 0000000..336b746
--- /dev/null
+++ b/ansible/roles/gsm-tester/files/osmo-gsm-tester_netns_exec.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+netns="$1"
+shift
+#TODO: Later on I may want to call myself with specific ENV and calling sudo in order to run inside the netns but with dropped privileges
+ip netns exec $netns "$@"
diff --git a/ansible/roles/gsm-tester/tasks/main.yml b/ansible/roles/gsm-tester/tasks/main.yml
index 61db8e9..4f57b17 100644
--- a/ansible/roles/gsm-tester/tasks/main.yml
+++ b/ansible/roles/gsm-tester/tasks/main.yml
@@ -237,6 +237,19 @@
dest: /etc/sudoers.d/osmo-gsm-tester_setcap_net_admin
mode: 0440
+- name: create a wrapper script to run processes on modem netns
+ copy:
+ src: osmo-gsm-tester_netns_exec.sh
+ dest: /usr/local/bin/osmo-gsm-tester_netns_exec.sh
+ mode: 755
+
+- name: allow osmo-gsm-tester sudo osmo-gsm-tester_netns_exec.sh
+ copy:
+ content: |
+ %osmo-gsm-tester ALL=(root) NOPASSWD: /usr/local/bin/osmo-gsm-tester_netns_exec.sh
+ dest: /etc/sudoers.d/osmo-gsm-tester_netns_exec
+ mode: 0440
+
- name: logrotate limit filesizes to 10M
copy:
content: "maxsize 10M"
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-30 08:35:25 +0000