Re: git: d3bb35d4e51b - main - jail: allow adjustment of host time

Alexander Leidinger Fri, 28 Jun 2024 06:35:33 -0700

Am 2024-06-28 12:25, schrieb Mariusz Zaborski:

The branch main has been updated by oshogbo:

URL: https://cgit.FreeBSD.org/src/commit/?id=d3bb35d4e51b06488b731071e7841f549bd5d26f


commit d3bb35d4e51b06488b731071e7841f549bd5d26f
Author:     Mariusz Zaborski <osho...@freebsd.org>
AuthorDate: 2024-06-28 10:23:31 +0000
Commit:     Mariusz Zaborski <osho...@freebsd.org>
CommitDate: 2024-06-28 10:23:31 +0000

    jail: allow adjustment of host time

Add a special permission to the jail to adjust and to set the host time.

    This can be useful if we want to compartmentalize the NTP daemon
    from the rest of the system.

Do you plan to add a setting to service jails (rc.subr + rc.conf-man-page) for this, e.g.

---snip---
                        case "$_svcj_option" in
                                chtime)

_svcj_cmd_options="allow.adjtime allow.settime ${_svcj_cmd_options}"

                                        ;;
---snip---

and change the ntpd start script to use it (removing ntpd_svcj="NO" and adding ntpd_svcj_options="net_basic chtime" ... maybe net_raw is needed too, TBD)?


Like this ntpd could be compartmentalized with "sysrc ntpd_svcj=YES".

Bye,
Alexander.

--
http://www.Leidinger.net alexan...@leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org    netch...@freebsd.org  : PGP 0x8F31830F9F2772BF

signature.asc
Description: OpenPGP digital signature

Re: git: d3bb35d4e51b - main - jail: allow adjustment of host time

Reply via email to