From nobody Fri Jun 28 13:34:01 2024 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4W9bzD4Kwdz5Mmcr; Fri, 28 Jun 2024 13:35:20 +0000 (UTC) (envelope-from Alexander@Leidinger.net) Received: from mailgate.Leidinger.net (bastille.leidinger.net [89.238.82.207]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (P-256) client-digest SHA256) (Client CN "mailgate.leidinger.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4W9bzD14xmz49BZ; Fri, 28 Jun 2024 13:35:20 +0000 (UTC) (envelope-from Alexander@Leidinger.net) Authentication-Results: mx1.freebsd.org; none List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-src-main@freebsd.org Sender: owner-dev-commits-src-main@FreeBSD.org MIME-Version: 1.0 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=leidinger.net; s=outgoing-alex; t=1719581705; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=uKUjLYBFmkdKnpVUHWy5yIXP3TYR8D4336x/8HmxN7M=; b=akgLi1FNzwfyr3tTiLbqC7MVNnNCx6NAOT7AjhjPZ20NUXM0GHEmTz2bn3KpwbsyeLuItX 4aWBEty63ZCymch4VDXdQhcRZ/r0WgbIP4VKKANYaUD63tSl9uSCg4X5yOiVHN4Ksvc7kZ HjuP8jOgMwIqIeFE3giYj86uPOgnC3zdkgvC23vpCKM+sCYNlVfMpkWTN6G8WylIG/Gtmg XHJGeW7Fl+4KvM9XPKetkaG8TH6jz4Ma3Gplekl0hYGdaYv6QtEu2EnETfUTbGA9C06zuH 43njzH8pvA420z5ESI8otPzuFE4DePEkCSGe9JLG9XxgAYjn9SHI1rLSg1YX+w== Date: Fri, 28 Jun 2024 15:34:01 +0200 From: Alexander Leidinger To: Mariusz Zaborski Cc: src-committers@freebsd.org, dev-commits-src-all@freebsd.org, dev-commits-src-main@freebsd.org Subject: Re: git: d3bb35d4e51b - main - jail: allow adjustment of host time In-Reply-To: <202406281025.45SAPLcL092196@gitrepo.freebsd.org> References: <202406281025.45SAPLcL092196@gitrepo.freebsd.org> Message-ID: <748b26fecd710a15fb114d69d443da2f@Leidinger.net> Organization: No organization, this is a private message. Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="=_a7152074a93115fbb8de8d1340c6c7e1"; micalg=pgp-sha256 X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:34240, ipnet:89.238.64.0/18, country:DE] X-Rspamd-Queue-Id: 4W9bzD14xmz49BZ This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --=_a7152074a93115fbb8de8d1340c6c7e1 Content-Transfer-Encoding: 7bit Content-Type: text/plain; charset=US-ASCII; format=flowed Am 2024-06-28 12:25, schrieb Mariusz Zaborski: > The branch main has been updated by oshogbo: > > URL: > https://cgit.FreeBSD.org/src/commit/?id=d3bb35d4e51b06488b731071e7841f549bd5d26f > > commit d3bb35d4e51b06488b731071e7841f549bd5d26f > Author: Mariusz Zaborski > AuthorDate: 2024-06-28 10:23:31 +0000 > Commit: Mariusz Zaborski > CommitDate: 2024-06-28 10:23:31 +0000 > > jail: allow adjustment of host time > > Add a special permission to the jail to adjust and to set the host > time. > This can be useful if we want to compartmentalize the NTP daemon > from the rest of the system. Do you plan to add a setting to service jails (rc.subr + rc.conf-man-page) for this, e.g. ---snip--- case "$_svcj_option" in chtime) _svcj_cmd_options="allow.adjtime allow.settime ${_svcj_cmd_options}" ;; ---snip--- and change the ntpd start script to use it (removing ntpd_svcj="NO" and adding ntpd_svcj_options="net_basic chtime" ... maybe net_raw is needed too, TBD)? Like this ntpd could be compartmentalized with "sysrc ntpd_svcj=YES". Bye, Alexander. -- http://www.Leidinger.net Alexander@Leidinger.net: PGP 0x8F31830F9F2772BF http://www.FreeBSD.org netchild@FreeBSD.org : PGP 0x8F31830F9F2772BF --=_a7152074a93115fbb8de8d1340c6c7e1 Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc; size=833 Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEER9UlYXp1PSd08nWXEg2wmwP42IYFAmZ+u94ACgkQEg2wmwP4 2IaRUA/9Hp90beWPpJVyEYQT4mzw/hi7M2y5E6kN5dJGYkCtbABanU9Ne++ww+th vjiT9zh2axDxEVxc05KfmJZ/kk9pKiZzLTooraWtNqv4RHsg99YHkmkeadk9jFJu 9+lQgVVpmU2KWpQcKDZpkhHluqpz+7PfwLdY0VucPGKdE5h0mnSDJcb0yiRnefop +fwSiYFt9lOOeqK3u0fS07z3uC6NISV94F3/QEVvFcKVBbLox1teS+jr/176XVU/ h8+6pFG6KORcuJyno8hyjR9PF/pIzDre/SaOF3UhebwJ6EPhf9WtICal/hCSVGsp Y4ss1AEeMCmZZYGcWV1Ku8I4b3oeA90XEzKDm8JhOhis/bX+uPRWVRccp17OUksO T2YKG8+lDU9kjGz/6kI7zDLERMm5H63FCN47lOJiCvP1G+yNx+kXhjPoaSS1xspw gOC6s3hLY6SyQK82Nzqh8e2dBPXjih2uMM+bm9ZJgcuGGjdThfO8dmUkhDU2eauo uXr+9I6C5x7/+jGP6UBBtEI72JOKBfLWjZpsJBl3G6Hp7ZWJ6+EgZJeY6ctxz7N2 z3jT+XM6DNon3+UmO/TDBdghST+4U8ZEsxuLtdrGNDa1L7hoAzEKcORfIJ3Fr8Ob 8ZcrxfR82RjAfG9SiifcWn6r75rdgNOm5fs/JYKTD99V4wSZIEk= =jwsK -----END PGP SIGNATURE----- --=_a7152074a93115fbb8de8d1340c6c7e1--