summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPau Espin Pedrol <pespin@sysmocom.de>2017-11-02 16:08:05 +0100
committerNeels Hofmeyr <neels@hofmeyr.de>2018-11-28 17:15:34 +0100
commit8ad5e6abbcccb02e40d8377d6ff0c922a37b1a1d (patch)
treeffe77ae461cf82c25fcbe4ff1834503a5321f75d
parent68ac2401d47bf5aef4d6316f0b1d051806da9ef6 (diff)
OsmoGSMTester: Document how to setup main unit to set CAP_NET_RAW as
-rw-r--r--doc/manuals/chapters/install.adoc30
1 files changed, 30 insertions, 0 deletions
diff --git a/doc/manuals/chapters/install.adoc b/doc/manuals/chapters/install.adoc
index aaf4d39..146dae1 100644
--- a/doc/manuals/chapters/install.adoc
+++ b/doc/manuals/chapters/install.adoc
@@ -486,6 +486,36 @@ adding the jenkins user to the 'usrp' group:
gpasswd -a jenkins usrp
----
+==== Allow CAP_NET_RAW capability
+
+Certain binaries require 'CAP_NET_RAW' to be set, like 'osmo-bts-octphy' as it
+uses a 'AF_PACKET' socket.
+
+To be able to set the following capability without being root, osmo-gsm-tester
+uses sudo to gain permissions to set the capability.
+
+This is the script that osmo-gsm-tester expects on the main unit:
+
+----
+echo /usr/local/bin/osmo-gsm-tester_setcap_net_raw.sh <<EOF
+#!/bin/bash
+/sbin/setcap cap_net_raw+ep $1
+EOF
+chmod +x /usr/local/bin/osmo-gsm-tester_setcap_net_raw.sh
+----
+
+Now, again on the main unit, we need to provide sudo access to this script for
+osmo-gsm-tester:
+
+----
+echo "%osmo-gsm-tester ALL=(root) NOPASSWD: /usr/local/bin/osmo-gsm-tester_setcap_net_raw.sh" > /etc/sudoers.d/osmo-gsm-tester_setcap_net_raw
+chmod 0440 /etc/sudoers.d/osmo-gsm-tester_setcap_net_raw
+----
+
+The script file name 'osmo-gsm-tester_setcap_net_raw.sh' is important, as
+osmo-gsm-tester expects to find a script with this name in '$PATH' at run time.
+
+
==== Log Rotation
To avoid clogging up /var/log, it makes sense to choose a sane maximum log size: