Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 28 Jun 2024 18:55:27 +0200
From:      Mariusz Zaborski <oshogbo@freebsd.org>
To:        Alexander Leidinger <Alexander@leidinger.net>
Cc:        dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org,  src-committers@freebsd.org
Subject:   Re: git: d3bb35d4e51b - main - jail: allow adjustment of host time
Message-ID:  <CAGOYWV8GXAd=tKExtvig2BUV4Qs93219q%2BARe_73T9psfHFBnQ@mail.gmail.com>
In-Reply-To: <748b26fecd710a15fb114d69d443da2f@Leidinger.net>
References:  <202406281025.45SAPLcL092196@gitrepo.freebsd.org> <748b26fecd710a15fb114d69d443da2f@Leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

[-- Attachment #1 --]
W dniu pt., 28.06.2024 o 15:35 Alexander Leidinger <Alexander@leidinger.net>
napisał(a):

> Am 2024-06-28 12:25, schrieb Mariusz Zaborski:
> > The branch main has been updated by oshogbo:
> >
> > URL:
> >
> https://cgit.FreeBSD.org/src/commit/?id=d3bb35d4e51b06488b731071e7841f549bd5d26f
> >
> > commit d3bb35d4e51b06488b731071e7841f549bd5d26f
> > Author:     Mariusz Zaborski <oshogbo@FreeBSD.org>
> > AuthorDate: 2024-06-28 10:23:31 +0000
> > Commit:     Mariusz Zaborski <oshogbo@FreeBSD.org>
> > CommitDate: 2024-06-28 10:23:31 +0000
> >
> >     jail: allow adjustment of host time
> >
> >     Add a special permission to the jail to adjust and to set the host
> > time.
> >     This can be useful if we want to compartmentalize the NTP daemon
> >     from the rest of the system.
>
> Do you plan to add a setting to service jails (rc.subr +
> rc.conf-man-page) for this, e.g.
> ---snip---
>                          case "$_svcj_option" in
>                                  chtime)
>                                          _svcj_cmd_options="allow.adjtime
> allow.settime ${_svcj_cmd_options}"
>                                          ;;
> ---snip---
> and change the ntpd start script to use it (removing ntpd_svcj="NO" and
> adding ntpd_svcj_options="net_basic chtime" ... maybe net_raw is needed
> too, TBD)?
>
> Like this ntpd could be compartmentalized with "sysrc ntpd_svcj=YES".
>

Hello,

Yes, I'm going to follow up.

Thanks,
Mariusz


> Bye,
> Alexander.
>
> --
> http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF
> http://www.FreeBSD.org    netchild@FreeBSD.org  : PGP 0x8F31830F9F2772BF
>

[-- Attachment #2 --]
<div><br></div><div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">W dniu pt., 28.06.2024 o 15:35 Alexander Leidinger &lt;<a href="mailto:Alexander@leidinger.net">Alexander@leidinger.net</a>&gt; napisał(a):<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,204)">Am 2024-06-28 12:25, schrieb Mariusz Zaborski:<br>
&gt; The branch main has been updated by oshogbo:<br>
&gt; <br>
&gt; URL: <br>
&gt; <a href="https://cgit.FreeBSD.org/src/commit/?id=d3bb35d4e51b06488b731071e7841f549bd5d26f" rel="noreferrer" target="_blank">https://cgit.FreeBSD.org/src/commit/?id=d3bb35d4e51b06488b731071e7841f549bd5d26f</a><br>;
&gt; <br>
&gt; commit d3bb35d4e51b06488b731071e7841f549bd5d26f<br>
&gt; Author:     Mariusz Zaborski &lt;oshogbo@FreeBSD.org&gt;<br>
&gt; AuthorDate: 2024-06-28 10:23:31 +0000<br>
&gt; Commit:     Mariusz Zaborski &lt;oshogbo@FreeBSD.org&gt;<br>
&gt; CommitDate: 2024-06-28 10:23:31 +0000<br>
&gt; <br>
&gt;     jail: allow adjustment of host time<br>
&gt; <br>
&gt;     Add a special permission to the jail to adjust and to set the host <br>
&gt; time.<br>
&gt;     This can be useful if we want to compartmentalize the NTP daemon<br>
&gt;     from the rest of the system.<br>
<br>
Do you plan to add a setting to service jails (rc.subr + <br>
rc.conf-man-page) for this, e.g.<br>
---snip---<br>
                         case &quot;$_svcj_option&quot; in<br>
                                 chtime)<br>
                                         _svcj_cmd_options=&quot;allow.adjtime <br>
allow.settime ${_svcj_cmd_options}&quot;<br>
                                         ;;<br>
---snip---<br>
and change the ntpd start script to use it (removing ntpd_svcj=&quot;NO&quot; and <br>
adding ntpd_svcj_options=&quot;net_basic chtime&quot; ... maybe net_raw is needed <br>
too, TBD)?<br>
<br>
Like this ntpd could be compartmentalized with &quot;sysrc ntpd_svcj=YES&quot;.<br>
</blockquote><div dir="auto"><br></div><div dir="auto"><div dir="auto">Hello, </div><div dir="auto"><br></div><div dir="auto">Yes, I&#39;m going to follow up.</div><div dir="auto"><br></div><div dir="auto">Thanks,</div><div dir="auto">Mariusz</div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;padding-left:1ex;border-left-color:rgb(204,204,204)"><br>
Bye,<br>
Alexander.<br>
<br>
-- <br>
<a href="http://www.Leidinger.net" rel="noreferrer" target="_blank">http://www.Leidinger.net</a>; Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF<br>
<a href="http://www.FreeBSD.org" rel="noreferrer" target="_blank">http://www.FreeBSD.org</a>    netchild@FreeBSD.org  : PGP 0x8F31830F9F2772BF<br>
</blockquote></div></div>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAGOYWV8GXAd=tKExtvig2BUV4Qs93219q%2BARe_73T9psfHFBnQ>