Commit 0e98eee9 authored by Thomas Gambier's avatar Thomas Gambier

playbook/vifib-server: allow all users to do ping

Since tests are launched inside namespace, we don't have SUID ping
available anymore so we explicitely allow all users to do ping.

Please note that this works for both IPv4 and IPv6 despite the name.

See nexedi/slapos!1107 (comment 148968)
for more information.
parent dd750800
...@@ -27,6 +27,9 @@ ...@@ -27,6 +27,9 @@
- sysctl: name="net.ipv6.conf.default.forwarding" value=1 sysctl_set=yes state=present reload=yes - sysctl: name="net.ipv6.conf.default.forwarding" value=1 sysctl_set=yes state=present reload=yes
- sysctl: name="net.ipv6.route.max_size" value=262144 sysctl_set=yes state=present reload=yes - sysctl: name="net.ipv6.route.max_size" value=262144 sysctl_set=yes state=present reload=yes
- name: Allow ping for all users (no need for SUID binary)
sysctl: name="net.ipv4.ping_group_range" value="0 2147483647" sysctl_set=yes state=present reload=yes
- include: kvm.yml - include: kvm.yml
- include: shuttle-modprobe.yml - include: shuttle-modprobe.yml
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment