summaryrefslogtreecommitdiff
path: root/interface-definitions/container.xml.in
diff options
context:
space:
mode:
authortheflakes <theflakes@gmail.com>2024-04-09 11:58:32 -0400
committerGitHub <noreply@github.com>2024-04-09 17:58:32 +0200
commitb8f3c61ca514cacdfc2495f16869c1b1e07d2bbc (patch)
tree369f4c7c5dc34f6288f60e7e0b333456d69af81f /interface-definitions/container.xml.in
parent1f369d50c15bb687ad3662ebd9b92b20e12339c6 (diff)
downloadvyos-1x-b8f3c61ca514cacdfc2495f16869c1b1e07d2bbc.tar.gz
vyos-1x-b8f3c61ca514cacdfc2495f16869c1b1e07d2bbc.zip
container: T6210: add capability sys-nice
Diffstat (limited to 'interface-definitions/container.xml.in')
-rw-r--r--interface-definitions/container.xml.in8
1 files changed, 6 insertions, 2 deletions
diff --git a/interface-definitions/container.xml.in b/interface-definitions/container.xml.in
index 94f2e92f5..e7dacea36 100644
--- a/interface-definitions/container.xml.in
+++ b/interface-definitions/container.xml.in
@@ -25,7 +25,7 @@
<properties>
<help>Grant individual Linux capability to container instance</help>
<completionHelp>
- <list>net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-time</list>
+ <list>net-admin net-bind-service net-raw setpcap sys-admin sys-module sys-nice sys-time</list>
</completionHelp>
<valueHelp>
<format>net-admin</format>
@@ -52,11 +52,15 @@
<description>Load, unload and delete kernel modules</description>
</valueHelp>
<valueHelp>
+ <format>sys-nice</format>
+ <description>Permission to set process nice value</description>
+ </valueHelp>
+ <valueHelp>
<format>sys-time</format>
<description>Permission to set system clock</description>
</valueHelp>
<constraint>
- <regex>(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-time)</regex>
+ <regex>(net-admin|net-bind-service|net-raw|setpcap|sys-admin|sys-module|sys-nice|sys-time)</regex>
</constraint>
<multi/>
</properties>