nsenter: add support for the time namespace

Just as with unshare and lsns this adds time namespace support to
nsenter.

In contrast to unshare nsenter does not have the options '--boottime'
and '--monotonic' as that offset can only be set as long as there have
no processes being started in the corresponding time namespace.

Signed-off-by: Adrian Reber <areber@redhat.com>

diff --git a/sys-utils/nsenter.1 b/sys-utils/nsenter.1
index 6a96f77ec18105232576f923bb687c8f61c90b0b..9cce839c074473a73e7e759a5e103b28afe89e3b 100644 (file)
--- a/sys-utils/nsenter.1
+++ b/sys-utils/nsenter.1
@@ -92,6 +92,13 @@ and the discussion of the
 flag in
 .BR clone (2).
 .TP
+.B time namespace
+The process can have a distinct view of
+.B CLOCK_MONOTONIC
+and/or
+.B CLOCK_BOOTTIME
+which can be changed using \fI/proc/self/timens_offsets\fP.
+.TP
 See \fBclone\fP(2) for the exact semantics of the flags.
 .SH OPTIONS
 Various of the options below that relate to namespaces take an optional
@@ -144,6 +151,9 @@ the user namespace
 /proc/\fIpid\fR/ns/cgroup
 the cgroup namespace
 .TP
+/proc/\fIpid\fR/ns/time
+the time namespace
+.TP
 /proc/\fIpid\fR/root
 the root directory
 .TP
@@ -210,6 +220,14 @@ If
 is specified, enter the cgroup namespace specified by
 .IR file .
 .TP
+\fB\-T\fR, \fB\-\-time\fR[=\fIfile\fR]
+Enter the time namespace.  If no file is specified, enter the time namespace of
+the target process.
+If
+.I file
+is specified, enter the time namespace specified by
+.IR file .
+.TP
 \fB\-G\fR, \fB\-\-setgid\fR \fIgid\fR
 Set the group ID which will be used in the entered namespace and drop
 supplementary groups.

diff --git a/sys-utils/nsenter.c b/sys-utils/nsenter.c
index f294b12579243ef29b5b42aa215f090a406a1398..4432cd3675164b01698104d9eafaf3837b982315 100644 (file)
--- a/sys-utils/nsenter.c
+++ b/sys-utils/nsenter.c
@@ -62,6 +62,7 @@ static struct namespace_file {
        { .nstype = CLONE_NEWNET,   .name = "ns/net",  .fd = -1 },
        { .nstype = CLONE_NEWPID,   .name = "ns/pid",  .fd = -1 },
        { .nstype = CLONE_NEWNS,    .name = "ns/mnt",  .fd = -1 },
+       { .nstype = CLONE_NEWTIME,  .name = "ns/time", .fd = -1 },
        { .nstype = 0, .name = NULL, .fd = -1 }
 };
 
@@ -86,6 +87,7 @@ static void __attribute__((__noreturn__)) usage(void)
        fputs(_(" -p, --pid[=<file>]     enter pid namespace\n"), out);
        fputs(_(" -C, --cgroup[=<file>]  enter cgroup namespace\n"), out);
        fputs(_(" -U, --user[=<file>]    enter user namespace\n"), out);
+       fputs(_(" -T, --time[=<file>]    enter time namespace\n"), out);
        fputs(_(" -S, --setuid <uid>     set uid in entered namespace\n"), out);
        fputs(_(" -G, --setgid <gid>     set gid in entered namespace\n"), out);
        fputs(_("     --preserve-credentials do not touch uids or gids\n"), out);
@@ -219,6 +221,7 @@ int main(int argc, char *argv[])
                { "pid", optional_argument, NULL, 'p' },
                { "user", optional_argument, NULL, 'U' },
                { "cgroup", optional_argument, NULL, 'C' },
+               { "time", optional_argument, NULL, 'T' },
                { "setuid", required_argument, NULL, 'S' },
                { "setgid", required_argument, NULL, 'G' },
                { "root", optional_argument, NULL, 'r' },
@@ -248,7 +251,7 @@ int main(int argc, char *argv[])
        close_stdout_atexit();
 
        while ((c =
-               getopt_long(argc, argv, "+ahVt:m::u::i::n::p::C::U::S:G:r::w::FZ",
+               getopt_long(argc, argv, "+ahVt:m::u::i::n::p::C::U::T::S:G:r::w::FZ",
                            longopts, NULL)) != -1) {
                switch (c) {
                case 'a':
@@ -300,6 +303,12 @@ int main(int argc, char *argv[])
                        else
                                namespaces |= CLONE_NEWUSER;
                        break;
+               case 'T':
+                       if (optarg)
+                               open_namespace_fd(CLONE_NEWTIME, optarg);
+                       else
+                               namespaces |= CLONE_NEWTIME;
+                       break;
                case 'S':
                        uid = strtoul_or_err(optarg, _("failed to parse uid"));
                        force_uid = true;