Merge pull request #3285 from vyos/mergify/bp/sagitta/pr-3259

container: T6210: add capability sys-nice (backport #3259)

1 files changed, 6 insertions, 2 deletions

diff --git a/interface-definitions/container.xml.in b/interface-definitions/container.xml.in
index 94f2e92f5..e7dacea36 100644
--- a/interface-definitions/container.xml.in
+++ b/interface-definitions/container.xml.in
@@ -25,7 +25,7 @@
             <properties>
               <help>Grant individual Linux capability to container instance</help>
               <completionHelp>
-                <list>net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-time</list>
+                <list>net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-nice sys-time</list>
               </completionHelp>
               <valueHelp>
                 <format>net-admin</format>
@@ -52,11 +52,15 @@
                 <description>Load, unload and delete kernel modules</description>
               </valueHelp>
               <valueHelp>
+                <format>sys-nice</format>
+                <description>Permission to set process nice value</description>
+              </valueHelp>
+              <valueHelp>
                 <format>sys-time</format>
                 <description>Permission to set system clock</description>
               </valueHelp>
               <constraint>
-                <regex>(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-time)</regex>
+                <regex>(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-nice|sys-time)</regex>
               </constraint>
               <multi/>
             </properties>