On Fri, 2021-07-23 at 10:25 +0100, Simon McVittie wrote: > Package: release-notes > Severity: normal > Tags: patch moreinfo > X-Debbugs-Cc: email@example.com > > If I understand correctly, user.max_user_namespaces is an upstream kernel > feature, but kernel.unprivileged_userns_clone comes from a Debian-specific > patch that might be removed in future releases. It seems better to recommend > the upstream version (also used in e.g. RHEL). > > A possible patch is attached, but I'd prefer to get confirmation from > a kernel maintainer before applying this, hence tagged +moreinfo. I agree that this may be more future-proof (though it's taken little effort to maintain that patch over the last 8 years). Ben. -- Ben Hutchings Reality is just a crutch for people who can't handle science fiction.
Description: This is a digitally signed message part