user_namespaces.7: Clarify "system time"

From an email conversation with Léo Stefanesco:

> In the man7.org version of the man page for user_namespaces(7), it reads:
>
>    there are many privileged operations that affect
>    resources that are not associated with any namespace type,
>    for example, changing the system time
>    (governed by CAP_SYS_TIME)
>
> which is not consistent with time_namespaces(7).

In fact, strictly speaking the text still is correct, even after
the arrival of time namespaces.

Time namespaces virtualize only the boot-time and monotonic
clocks, not the "real time" (i.e., calendar time), which is the
time referred to in the passage you quote.

That said, the text is perhaps now a little misleading, and
a little clarification would help. I changed the text to:

    there are many privileged operations that affect
    resources that are not associated with any namespace type,
    for example, changing the system **(i.e., calendar)** time
    (governed by CAP_SYS_TIME)

Reported-by: Léo Stefanesco <leo.lveb@gmail.com>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2020-06-09 10:03:04 +02:00
parent 7dc03d8607
commit 94e316bfea
1 changed files with 1 additions and 1 deletions

@ -235,7 +235,7 @@ namespaces owned by (associated with) the user namespace
.PP
On the other hand, there are many privileged operations that affect
resources that are not associated with any namespace type,
for example, changing the system time (governed by
for example, changing the system (i.e., calendar) time (governed by
.BR CAP_SYS_TIME ),
loading a kernel module (governed by
.BR CAP_SYS_MODULE ),
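
Review bot: on the changed line "for example, changing the system (i.e., calendar) time (governed by", the parenthetical says which time is meant but not why the distinction matters. The reason given in the commit message (time namespaces virtualize only the boot-time and monotonic clocks) does not reach the page, so a reader comparing this text with time_namespaces(7) can still stumble on the same point. Consider adding a short pointer to time_namespaces(7) next to this example. As a style point, "the system time (i.e., calendar time)" would avoid splitting the noun phrase.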