check for jailed environment for adjkerntz

[Xin LI]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

On 2010/03/01 12:55, Pawel Jakub Dawidek wrote:
> On Mon, Mar 01, 2010 at 02:15:41AM +0300, Subbsd wrote:
>> jail with "complete" type have standard crontab a file of tasks. However not
>> all standard task are adapted for work in jail an environment. For example
>> adjkerntz which generates
>>
>> adjkerntz [46733]: sysctl (set: "machdep.wall_cmos_clock"): Operation not
>> permitted
>>
>> I suggest to give adjkerntz concept about jail in which to it it is not
>> necessary to work:
> [...]
> 
> I also always was finding that annoying, but only your e-mail made me to
> think about ways to fix it and that maybe simple patch like the one
> below will do?
> 
> --- etc/crontab	(wersja 204363)
> +++ etc/crontab	(kopia robocza)
> @@ -22,4 +22,4 @@
>  #
>  # Adjust the time zone if the CMOS clock keeps local time, as opposed to
>  # UTC time.  See adjkerntz(8) for details.
> -1,31	0-5	*	*	*	root	adjkerntz -a
> +1,31	0-5	*	*	*	root	[ `sysctl -n security.jail.jailed` -eq 0 ] && adjkerntz -a

I wouldn't mind if someone is willing to teach adjkerntz about the
knowledge but I really think we should document explicitly somewhere
that a jail host machine should have CMOS time set to UTC, which would
avoid the whole codepath.

Cheers,
- -- 
Xin LI <delphij at delphij.net>	http://www.delphij.net/
FreeBSD - The Power to Serve!	       Live free or die
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (FreeBSD)

iQEcBAEBAgAGBQJLjC7CAAoJEATO+BI/yjfBMvoIALhi3ByqQUWUKT7Ebjaqro6f
tvm5ZMc/S0ao67qbAqEfLuhKw+mdD0FFwRK5V02wrFk6WA/505fHWbO16FwNlsq0
5QoTEwM5NGkjouAPE8rk5cMH2Tx3/ImsAcNczqlQbEluwPx57fvp4mc06OEYMTQw
IPYs756f71nBfmE8c4I7RKRXAFtiUJEhPH2g0LpeOi7AUhjcmpNBpTlQdzOuy4GK
og0xL1+0GRC9ooYFMwd6RlsXOPZAkdvSt2PiCNnyN5+giQcK3ZvWo6+StGZwOB/z
fS4bF6zJxJ2kfj/QPEBj54Axb9+IQbHlTA1rp6lRkMLi4NomCaZCWiD7FIAhaTs=
=fPoZ
-----END PGP SIGNATURE-----