Add "ncat" rootwrap filter for debug

In [1], new tests to check "ncat" tool were added. The missing piece of this patch was to add a new rootwrap filter to allow to execute "ncat" binary as root and inside a namespace. Closes-Bug: #1862927 [1]https://review.opendev.org/#/q/If8cf47a01dc353734ad07ca6cd4db7bec6c90fb6 Change-Id: I8e8e5cd8c4027cce58c7073002120d14f251463d
2020-02-12 11:43:27 +00:00 · 2020-02-12 11:43:27 +00:00 · 0ef4233d89
commit 0ef4233d89
parent 75f6f624bc
1 changed files with 4 additions and 0 deletions
--- a/etc/neutron/rootwrap.d/debug.filters
+++ b/etc/neutron/rootwrap.d/debug.filters
@ -20,3 +20,7 @@ ping6_alt: RegExpFilter, ping6, root, ping6, -c, \d+, -w, \d+, [0-9A-Fa-f:]+
 # "sleep" command, only for testing
 sleep: RegExpFilter, sleep, root, sleep, \d+
 kill_sleep: KillFilter, root, sleep, -9
+
+# "ncat" command, only for testing
+ncat: RegExpFilter, ncat, root, ncat, [0-9A-Fa-f:]+, \d+, .*
+ncat_exec: IpNetnsExecFilter, ncat, root