[PATCH] osmo-gsm-tester[master]: osmo-ggsn: set cap CAP_NET_ADMIN to be able to set up tun de...

[Pau Espin Pedrol]

Review at  https://gerrit.osmocom.org/5322

osmo-ggsn: set cap CAP_NET_ADMIN to be able to set up tun devices

This is a temporary workaround to be able to test gprs signalling until
we set up all required bits to run osmo-ggsn in its own namespace.

Change-Id: I0a3ce16218f0274e0be09bbf2881bc21636acdf9
---
M src/osmo_gsm_tester/osmo_ggsn.py
M src/osmo_gsm_tester/util.py
2 files changed, 24 insertions(+), 4 deletions(-)


  git pull ssh://gerrit.osmocom.org:29418/osmo-gsm-tester refs/changes/22/5322/1

diff --git a/src/osmo_gsm_tester/osmo_ggsn.py b/src/osmo_gsm_tester/osmo_ggsn.py
index c11353c..9f23c64 100644
--- a/src/osmo_gsm_tester/osmo_ggsn.py
+++ b/src/osmo_gsm_tester/osmo_ggsn.py
@@ -51,7 +51,14 @@
         pcap_recorder.PcapRecorder(self.suite_run, self.run_dir.new_dir('pcap'), None,
                                    'host %s' % self.addr())
 
-        env = { 'LD_LIBRARY_PATH': util.prepend_library_path(lib) }
+        env = {}
+
+        # setting capabilities will later disable use of LD_LIBRARY_PATH from ELF loader -> modify RPATH instead.
+        self.log('Setting RPATH for osmo-ggsn')
+        util.change_elf_rpath(binary, util.prepend_library_path(lib), self.run_dir.new_dir('patchelf'))
+        # osmo-ggsn requires CAP_NET_ADMIN to create tunnel devices: ioctl(TUNSETIFF):
+        self.log('Applying CAP_NET_ADMIN capability to osmo-ggsn')
+        util.setcap_net_admin(binary, self.run_dir.new_dir('setcap_net_admin'))
 
         self.dbg(run_dir=self.run_dir, binary=binary, env=env)
         self.process = process.Process(self.name(), self.run_dir,
diff --git a/src/osmo_gsm_tester/util.py b/src/osmo_gsm_tester/util.py
index 8fb6e19..ed1a258 100644
--- a/src/osmo_gsm_tester/util.py
+++ b/src/osmo_gsm_tester/util.py
@@ -68,12 +68,25 @@
     osmo-gsm-tester. See osmo-gsm-tester manual for more information.
     '''
     from .process import Process
-    SETCAP_NET_BIN = 'osmo-gsm-tester_setcap_net_raw.sh'
-    proc = Process(SETCAP_NET_BIN, run_dir, ['sudo', 'osmo-gsm-tester_setcap_net_raw.sh', binary])
+    SETCAP_NET_RAW_BIN = 'osmo-gsm-tester_setcap_net_raw.sh'
+    proc = Process(SETCAP_NET_RAW_BIN, run_dir, ['sudo', SETCAP_NET_RAW_BIN, binary])
     proc.launch()
     proc.wait()
     if proc.result != 0:
-        raise RuntimeError('%s finished with err code %d' % (SETCAP_NET_BIN, proc.result))
+        raise RuntimeError('%s finished with err code %d' % (SETCAP_NET_RAW_BIN, proc.result))
+
+def setcap_net_admin(binary, run_dir):
+    '''
+    This functionality requires specific setup on the host running
+    osmo-gsm-tester. See osmo-gsm-tester manual for more information.
+    '''
+    from .process import Process
+    SETCAP_NET_ADMIN_BIN = 'osmo-gsm-tester_setcap_net_admin.sh'
+    proc = Process(SETCAP_NET_ADMIN_BIN, run_dir, ['sudo', SETCAP_NET_ADMIN_BIN, binary])
+    proc.launch()
+    proc.wait()
+    if proc.result != 0:
+        raise RuntimeError('%s finished with err code %d' % (SETCAP_NET_ADMIN_BIN, proc.result))
 
 class listdict(dict):
     'a dict of lists { "a": [1, 2, 3],  "b": [1, 2] }'

-- 
To view, visit https://gerrit.osmocom.org/5322
To unsubscribe, visit https://gerrit.osmocom.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: I0a3ce16218f0274e0be09bbf2881bc21636acdf9
Gerrit-PatchSet: 1
Gerrit-Project: osmo-gsm-tester
Gerrit-Branch: master
Gerrit-Owner: Pau Espin Pedrol <pespin at sysmocom.de>