matthew/sonic-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[multi asic] add ip netns identify command to sudoer (#6591)

Browse Source 
Signed-off-by: Arvindsrinivasan Lakshmi Narasimhan <arlakshm@microsoft.com>

- Why I did it
The command sudo ip netns identify <pid> is used in function get_current_namespace
to check in the cli command is running in host context or within a namespace.

This function is used for every CLI command and command sudo ip netns identify <pid> needs to be added in sudoer files to allow users with RO access to run show cli commands

This problem is not there on single asic platforms.

- How I did it
Add ip netns identify [0-9]* to sudoers file.
This commit is contained in:
arlakshm 2021-01-28 23:12:01 -08:00 committed by Abhishek Dosi
parent 075bab813c
commit a750f89630
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
files/image_config/sudoers/sudoers
View File

@ -36,6 +36,7 @@ Cmnd_Alias READ_ONLY_CMDS = /sbin/brctl show, \
/usr/bin/teamshow, \
/usr/bin/vtysh -c show *, \
/usr/bin/vtysh -n [0-9] -c show *, \
/bin/ip netns identify [0-9]*, \
/bin/cat /var/log/syslog*, \
/usr/bin/tail -F /var/log/syslog