ovn migration: Don't use executables in /tmp/
It's a common practice to have /tmp/ mounted separately with noexec option. This effectively means no scripts can be executed from the filesystem mounted to /tmp. This patch explicitly calls sh binary to execute scripts from /tmp and removes the executable flag from the scripts. Closes-Bug: #1965183 Change-Id: I2f9cd67979a8a75848fcdd7a8c3bb56dd3590473 Signed-off-by: Jakub Libosvar <libosvar@redhat.com>
This commit is contained in:
parent
2f4661c876
commit
0529ccdf71
tools/ovn_migration/tripleo_environment/playbooks/roles/migration/tasks
@ -3,11 +3,11 @@
|
||||
template:
|
||||
src: "activate-ovn.sh.j2"
|
||||
dest: "/tmp/activate-ovn.sh"
|
||||
mode: 0744
|
||||
mode: 0644
|
||||
|
||||
- name: Run OVN activation script
|
||||
shell: >
|
||||
/tmp/activate-ovn.sh 2>&1 > /tmp/activate-ovn.sh.log
|
||||
sh /tmp/activate-ovn.sh 2>&1 > /tmp/activate-ovn.sh.log
|
||||
|
||||
- name: Delete OVN activate script
|
||||
file:
|
||||
|
@ -4,10 +4,10 @@
|
||||
template:
|
||||
src: "clone-br-int.sh.j2"
|
||||
dest: "/tmp/clone-br-int.sh"
|
||||
mode: 0744
|
||||
mode: 0644
|
||||
|
||||
- name: Run clone script for dataplane
|
||||
shell: /tmp/clone-br-int.sh
|
||||
shell: sh /tmp/clone-br-int.sh
|
||||
|
||||
- name: Delete clone script
|
||||
file:
|
||||
|
Loading…
x
Reference in New Issue
Block a user