If a regex is required to have a comma ',' also, as part of rootwrap regex filter then it doesn't work. It seems oslo-rootwrap code parses a comma as a parameter separator. Using a '\' as escape doesn't work either....
ubuntu@u1604:~$ cat /etc/taas/rootwrap.d/taas.filter [Filters] i40e_sysfs_command: RegExpFilter, i40e_sysfs_command, root, i40e_sysfs_command, (?i)(add|rem), ([0-9]+(-[0-9]+)?)(,([0-9])+(-[0-9]+)?)*, (\/home\/ubuntu\/sys\/class\/net\/.*?\/device\/sriov\/[0-9]+\/(vlan|egress|ingress)_mirror)
ubuntu@u1604:~$ i40e.wrap i40e_sysfs_command add 0-4095 /home/ubuntu/sys/class/net/ensp3s9/device/sriov/99/vlan_mirror + sudo /usr/local/bin/taas-rootwrap /etc/taas/rootwrap.conf i40e_sysfs_command add 0-4095 /home/ubuntu/sys/class/net/ensp3s9/device/sriov/99/vlan_mirror /usr/local/bin/taas-rootwrap: Unauthorized command: i40e_sysfs_command add 0-4095 /home/ubuntu/sys/class/net/ensp3s9/device/sriov/99/vlan_mirror (no filter matched)
If a regex is required to have a comma ',' also, as part of rootwrap regex filter then it doesn't work. It seems oslo-rootwrap code parses a comma as a parameter separator. Using a '\' as escape doesn't work either....
ubuntu@u1604:~$ cat /etc/taas/ rootwrap. d/taas. filter (-[0-9] +)?)(,( [0-9])+ (-[0-9] +)?)*, (\/home\ /ubuntu\ /sys\/class\ /net\/. *?\/device\ /sriov\ /[0-9]+ \/(vlan| egress| ingress) _mirror)
[Filters]
i40e_sysfs_command: RegExpFilter, i40e_sysfs_command, root, i40e_sysfs_command, (?i)(add|rem), ([0-9]+
ubuntu@u1604:~$ i40e.wrap i40e_sysfs_command add 0-4095 /home/ubuntu/ sys/class/ net/ensp3s9/ device/ sriov/99/ vlan_mirror bin/taas- rootwrap /etc/taas/ rootwrap. conf i40e_sysfs_command add 0-4095 /home/ubuntu/ sys/class/ net/ensp3s9/ device/ sriov/99/ vlan_mirror bin/taas- rootwrap: Unauthorized command: i40e_sysfs_command add 0-4095 /home/ubuntu/ sys/class/ net/ensp3s9/ device/ sriov/99/ vlan_mirror (no filter matched)
+ sudo /usr/local/
/usr/local/