Re: git: d3bb35d4e51b - main - jail: allow adjustment of host time

Reply: Mariusz Zaborski : "Re: git: d3bb35d4e51b - main - jail: allow adjustment of host time"
In reply to: Mariusz Zaborski : "git: d3bb35d4e51b - main - jail: allow adjustment of host time"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Alexander Leidinger <Alexander_at_Leidinger.net>
Date: Fri, 28 Jun 2024 13:34:01 UTC

Am 2024-06-28 12:25, schrieb Mariusz Zaborski:
> The branch main has been updated by oshogbo:
> 
> URL: 
> https://cgit.FreeBSD.org/src/commit/?id=d3bb35d4e51b06488b731071e7841f549bd5d26f
> 
> commit d3bb35d4e51b06488b731071e7841f549bd5d26f
> Author:     Mariusz Zaborski <oshogbo@FreeBSD.org>
> AuthorDate: 2024-06-28 10:23:31 +0000
> Commit:     Mariusz Zaborski <oshogbo@FreeBSD.org>
> CommitDate: 2024-06-28 10:23:31 +0000
> 
>     jail: allow adjustment of host time
> 
>     Add a special permission to the jail to adjust and to set the host 
> time.
>     This can be useful if we want to compartmentalize the NTP daemon
>     from the rest of the system.

Do you plan to add a setting to service jails (rc.subr + 
rc.conf-man-page) for this, e.g.
---snip---
                         case "$_svcj_option" in
                                 chtime)
                                         _svcj_cmd_options="allow.adjtime 
allow.settime ${_svcj_cmd_options}"
                                         ;;
---snip---
and change the ntpd start script to use it (removing ntpd_svcj="NO" and 
adding ntpd_svcj_options="net_basic chtime" ... maybe net_raw is needed 
too, TBD)?

Like this ntpd could be compartmentalized with "sysrc ntpd_svcj=YES".

Bye,
Alexander.

-- 
http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF
http://www.FreeBSD.org    netchild@FreeBSD.org  : PGP 0x8F31830F9F2772BF