[Devel] [PATCH rh7 0/3] ve/time: allow date/time management from trusted Containers
Konstantin Khorenko
khorenko at virtuozzo.com
Fri May 24 14:32:26 MSK 2019
There is a need to run ntp service inside trusted Containers,
so let's introduce an appropriate feature for that.
Note: date/time is NOT virtualized, so the Container with such a feature can
change global date/time for the Hardware Node and all hosted Containers.
https://jira.sw.ru/browse/PSBM-94635
Konstantin Khorenko (3):
ve/capability: introduce capable() wrapper which honors CT features
ve/time: introduce CT feature to allow setting date/time
ve/time/ntp: allow CT ntp adjustment time tuning under VE_FEATURE_TIME
feature
include/linux/capability.h | 1 +
include/uapi/linux/vzcalluser.h | 1 +
kernel/capability.c | 13 +++++++++++++
kernel/time/ntp.c | 10 +++++++---
security/commoncap.c | 4 +++-
5 files changed, 25 insertions(+), 4 deletions(-)
--
2.15.1
More information about the Devel
mailing list