From 5264ba80e8c623209e268cfd012e8afb5472c16b Mon Sep 17 00:00:00 2001 From: theflakes Date: Tue, 9 Apr 2024 11:58:32 -0400 Subject: container: T6210: add capability sys-nice (cherry picked from commit b8f3c61ca514cacdfc2495f16869c1b1e07d2bbc) --- interface-definitions/container.xml.in | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'interface-definitions/container.xml.in') diff --git a/interface-definitions/container.xml.in b/interface-definitions/container.xml.in index 94f2e92f5..e7dacea36 100644 --- a/interface-definitions/container.xml.in +++ b/interface-definitions/container.xml.in @@ -25,7 +25,7 @@ Grant individual Linux capability to container instance - net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-time + net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-nice sys-time net-admin @@ -51,12 +51,16 @@ sys-module Load, unload and delete kernel modules + + sys-nice + Permission to set process nice value + sys-time Permission to set system clock - (net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-time) + (net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-nice|sys-time) -- cgit v1.2.3