On Monday, 13 June 2022 16:56:35 CEST Ben Hutchings wrote: > We made the decision that the benefits of sandboxing with user > namespaces are likely to outweigh the risks, on most systems. Nothing > you've said convinces me to alter that assessment. I don't really/fully understand this topic, but I did look into it and from the Kconfig file I understood that it was (highly?) recommended to also enable CONFIG_MEMCG, while is defined as '=y' in debian/config/config. So that seems great. What I also found was the following in debian/config/armel/config.marvell: # CONFIG_MEMCG is not set Salsa commit fac721e3016478d286254eff2658954b15a70190 seems to be the 'cause' for that and commit title is "[armel] Fold config-reduced into config.marvell" Lots of changes in that commit, but I didn't see an explicit reason why CONFIG_MEMCG should be disabled (IIUC) on that platform. Is that something that needs to be corrected? (Just asking, I have no idea) Cheers, Diederik
Attachment:
signature.asc
Description: This is a digitally signed message part.