[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#991426: release-notes: Recommend user.max_user_namespaces over kernel.unprivileged_userns_clone?

On Fri, 2021-07-23 at 10:25 +0100, Simon McVittie wrote:
> Package: release-notes
> Severity: normal
> Tags: patch moreinfo
> X-Debbugs-Cc: debian-kernel@lists.debian.org
> If I understand correctly, user.max_user_namespaces is an upstream kernel
> feature, but kernel.unprivileged_userns_clone comes from a Debian-specific
> patch that might be removed in future releases. It seems better to recommend
> the upstream version (also used in e.g. RHEL).
> A possible patch is attached, but I'd prefer to get confirmation from
> a kernel maintainer before applying this, hence tagged +moreinfo.

I agree that this may be more future-proof (though it's taken little
effort to maintain that patch over the last 8 years).


Ben Hutchings
Reality is just a crutch for people who can't handle science fiction.

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: