Date: Fri, 28 Jun 2024 18:55:27 +0200 From: Mariusz Zaborski <oshogbo@freebsd.org> To: Alexander Leidinger <Alexander@leidinger.net> Cc: dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org, src-committers@freebsd.org Subject: Re: git: d3bb35d4e51b - main - jail: allow adjustment of host time Message-ID: <CAGOYWV8GXAd=tKExtvig2BUV4Qs93219q%2BARe_73T9psfHFBnQ@mail.gmail.com> In-Reply-To: <748b26fecd710a15fb114d69d443da2f@Leidinger.net> References: <202406281025.45SAPLcL092196@gitrepo.freebsd.org> <748b26fecd710a15fb114d69d443da2f@Leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--000000000000209794061bf61e43 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable W dniu pt., 28.06.2024 o 15:35 Alexander Leidinger <Alexander@leidinger.net= > napisa=C5=82(a): > Am 2024-06-28 12:25, schrieb Mariusz Zaborski: > > The branch main has been updated by oshogbo: > > > > URL: > > > https://cgit.FreeBSD.org/src/commit/?id=3Dd3bb35d4e51b06488b731071e7841f5= 49bd5d26f > > > > commit d3bb35d4e51b06488b731071e7841f549bd5d26f > > Author: Mariusz Zaborski <oshogbo@FreeBSD.org> > > AuthorDate: 2024-06-28 10:23:31 +0000 > > Commit: Mariusz Zaborski <oshogbo@FreeBSD.org> > > CommitDate: 2024-06-28 10:23:31 +0000 > > > > jail: allow adjustment of host time > > > > Add a special permission to the jail to adjust and to set the host > > time. > > This can be useful if we want to compartmentalize the NTP daemon > > from the rest of the system. > > Do you plan to add a setting to service jails (rc.subr + > rc.conf-man-page) for this, e.g. > ---snip--- > case "$_svcj_option" in > chtime) > _svcj_cmd_options=3D"allow.adjti= me > allow.settime ${_svcj_cmd_options}" > ;; > ---snip--- > and change the ntpd start script to use it (removing ntpd_svcj=3D"NO" and > adding ntpd_svcj_options=3D"net_basic chtime" ... maybe net_raw is needed > too, TBD)? > > Like this ntpd could be compartmentalized with "sysrc ntpd_svcj=3DYES". > Hello, Yes, I'm going to follow up. Thanks, Mariusz > Bye, > Alexander. > > -- > http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF > http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF > --000000000000209794061bf61e43 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable <div><br></div><div><br><div class=3D"gmail_quote"><div dir=3D"ltr" class= =3D"gmail_attr">W dniu pt., 28.06.2024 o 15:35 Alexander Leidinger <<a h= ref=3D"mailto:Alexander@leidinger.net">Alexander@leidinger.net</a>> napi= sa=C5=82(a):<br></div><blockquote class=3D"gmail_quote" style=3D"margin:0px= 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;padding-left:1= ex;border-left-color:rgb(204,204,204)">Am 2024-06-28 12:25, schrieb Mariusz= Zaborski:<br> > The branch main has been updated by oshogbo:<br> > <br> > URL: <br> > <a href=3D"https://cgit.FreeBSD.org/src/commit/?id=3Dd3bb35d4e51b06488= b731071e7841f549bd5d26f" rel=3D"noreferrer" target=3D"_blank">https://cgit.= FreeBSD.org/src/commit/?id=3Dd3bb35d4e51b06488b731071e7841f549bd5d26f</a><b= r> > <br> > commit d3bb35d4e51b06488b731071e7841f549bd5d26f<br> > Author:=C2=A0 =C2=A0 =C2=A0Mariusz Zaborski <oshogbo@FreeBSD.org>= ;<br> > AuthorDate: 2024-06-28 10:23:31 +0000<br> > Commit:=C2=A0 =C2=A0 =C2=A0Mariusz Zaborski <oshogbo@FreeBSD.org>= ;<br> > CommitDate: 2024-06-28 10:23:31 +0000<br> > <br> >=C2=A0 =C2=A0 =C2=A0jail: allow adjustment of host time<br> > <br> >=C2=A0 =C2=A0 =C2=A0Add a special permission to the jail to adjust and = to set the host <br> > time.<br> >=C2=A0 =C2=A0 =C2=A0This can be useful if we want to compartmentalize t= he NTP daemon<br> >=C2=A0 =C2=A0 =C2=A0from the rest of the system.<br> <br> Do you plan to add a setting to service jails (rc.subr + <br> rc.conf-man-page) for this, e.g.<br> ---snip---<br> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0case "$_svcj_option" in<br> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0chtime)<br> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0_s= vcj_cmd_options=3D"allow.adjtime <br> allow.settime ${_svcj_cmd_options}"<br> =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2= =A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0;;= <br> ---snip---<br> and change the ntpd start script to use it (removing ntpd_svcj=3D"NO&q= uot; and <br> adding ntpd_svcj_options=3D"net_basic chtime" ... maybe net_raw i= s needed <br> too, TBD)?<br> <br> Like this ntpd could be compartmentalized with "sysrc ntpd_svcj=3DYES&= quot;.<br> </blockquote><div dir=3D"auto"><br></div><div dir=3D"auto"><div dir=3D"auto= ">Hello,=C2=A0</div><div dir=3D"auto"><br></div><div dir=3D"auto">Yes, I= 9;m going to follow up.</div><div dir=3D"auto"><br></div><div dir=3D"auto">= Thanks,</div><div dir=3D"auto">Mariusz</div><br></div><blockquote class=3D"= gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left-width:1px;border= -left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,204)"><br> Bye,<br> Alexander.<br> <br> -- <br> <a href=3D"http://www.Leidinger.net" rel=3D"noreferrer" target=3D"_blank">h= ttp://www.Leidinger.net</a> Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF= <br> <a href=3D"http://www.FreeBSD.org" rel=3D"noreferrer" target=3D"_blank">htt= p://www.FreeBSD.org</a>=C2=A0 =C2=A0 netchild@FreeBSD.org=C2=A0 : PGP 0x8F3= 1830F9F2772BF<br> </blockquote></div></div> --000000000000209794061bf61e43--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGOYWV8GXAd=tKExtvig2BUV4Qs93219q%2BARe_73T9psfHFBnQ>