[lxc-users] Can a container modify the host rtc?

[Marat Khalili]

On 26/07/16 19:58, Stewart Brodie wrote:
>
> You won't be able to call those functions from a container not in the
> initial user namespace, even if you possess CAP_SYS_TIME, because of the way
> the kernel does its permission checks.
I wonder if there's there really no workaround for ntpd? Special version 
talking to the host through pipe probably? It is very convenient from 
administration point of view to keep every network service in a separate 
container.

--

With Best Regards,
Marat Khalili