From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Date: Thu, 18 Nov 2021 15:06:41 +0300 From: Mikhail Efremov To: ALT Linux Team development discussions Message-ID: <20211118150641.5faa75bd@sem-notebook.localdomain> In-Reply-To: <20211118114356.GA27587@altlinux.org> References: <20211118143605.742f6370@tower> <20211118114356.GA27587@altlinux.org> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [devel] kernel.userns_restrict X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Nov 2021 12:06:46 -0000 Archived-At: List-Archive: List-Post: On Thu, 18 Nov 2021 14:43:56 +0300 Dmitry V. Levin wrote: > On Thu, Nov 18, 2021 at 02:36:05PM +0300, Anton V. Boyarshinov wrote: > > =D0=94=D0=BE=D0=B1=D1=80=D1=8B=D0=B9 =D0=B4=D0=B5=D0=BD=D1=8C > >=20 > > =D0=9D=D0=B5=D0=BA=D0=BE=D1=82=D0=BE=D1=80=D0=BE=D0=B5 =D0=B2=D1=80=D0= =B5=D0=BC=D1=8F =D0=BD=D0=B0=D0=B7=D0=B0=D0=B4 =D1=8F =D1=81=D0=B4=D0=B5=D0= =BB=D0=B0=D0=BB =D0=BE=D1=88=D0=B8=D0=B1=D0=BA=D1=83 =D0=BF=D1=80=D0=B8 git= rebase =D0=B8 =D0=BF=D0=BE=D1=82=D0=B5=D1=80=D1=8F=D0=BB =D0=B7=D0=BD=D0= =B0=D1=87=D0=B5=D0=BD=D0=B8=D0=B5 > > =D0=BF=D0=BE =D1=83=D0=BC=D0=BE=D0=BB=D1=87=D0=B0=D0=BD=D0=B8=D1=8E =D0= =B4=D0=BB=D1=8F sysctl kernel.userns_restrict > >=20 > > =D0=9A=D0=BE=D0=B3=D0=B4=D0=B0 =D0=BC=D0=BD=D0=B5 =D0=BE=D0=B1 =D1=8D= =D1=82=D0=BE=D0=BC =D1=81=D0=BE=D0=BE=D0=B1=D1=89=D0=B8=D0=BB=D0=B8, =D0=B2= =D0=BE=D1=81=D0=BF=D1=80=D0=B8=D0=BD=D1=8F=D0=BB =D1=8D=D1=82=D0=BE =D0=BA= =D0=B0=D0=BA =D1=81=D0=B5=D1=80=D1=8C=D1=91=D0=B7=D0=BD=D1=83=D1=8E =D0=BF= =D1=80=D0=BE=D0=B1=D0=BB=D0=B5=D0=BC=D1=83 =D0=B2 > > =D0=B1=D0=B5=D0=B7=D0=BE=D0=BF=D0=B0=D1=81=D0=BD=D0=BE=D1=81=D1=82=D0= =B8 =D0=B8 =D0=BF=D0=BE=D0=B1=D0=B5=D0=B6=D0=B0=D0=BB =D0=B8=D1=81=D0=BF=D1= =80=D0=B0=D0=B2=D0=BB=D1=8F=D1=82=D1=8C. > >=20 > > =D0=9D=D0=BE =D0=BD=D0=B5=D0=BA=D0=BE=D1=82=D0=BE=D1=80=D0=BE=D0=B5 =D0= =B2=D1=80=D0=B5=D0=BC=D1=8F =D1=81=D0=BF=D1=83=D1=81=D1=82=D1=8F, =D0=BC=D0= =BD=D0=B5 =D0=BE=D1=82=D0=BA=D1=80=D1=8B=D0=BB=D0=B0=D1=81=D1=8C =D0=B1=D0= =B5=D0=B7=D0=B4=D0=BD=D0=B0: > > [root@tower ~]# rpm -qf /lib/sysctl.d/90-bwrap.conf > > bubblewrap-0.4.1-alt2.x86_64 > > [root@tower ~]# apt-cache whatdepends bubblewrap > > bubblewrap-0.4.1-alt2:sisyphus+276333.100.1.1@1624975014 > > libwebkit2gtk-2.32.4-alt1:p10+284327.2740.7.2@1632434256 > > =D0=A2=D1=80=D0=B5=D0=B1=D1=83=D0=B5=D1=82: bubblewrap >=3D 0.3.1 > > libgnome-desktop3-40.4-alt1:p10+285934.3000.6.1@1637076523 > > =D0=A2=D1=80=D0=B5=D0=B1=D1=83=D0=B5=D1=82: bubblewrap > > bubblewrap-debuginfo-0.4.1-alt2:sisyphus+276333.100.1.1@1624975014 > > =D0=A2=D1=80=D0=B5=D0=B1=D1=83=D0=B5=D1=82: bubblewrap =3D 0.4.1-al= t2:sisyphus+276333.100.1.1 > > fwupd-1.6.1-alt1:sisyphus+275599.600.6.1@1624541985 > > =D0=A2=D1=80=D0=B5=D0=B1=D1=83=D0=B5=D1=82: bubblewrap > > flatpak-1.10.2-alt3:p10+284327.3300.7.2@1632434786 > > =D0=A2=D1=80=D0=B5=D0=B1=D1=83=D0=B5=D1=82: bubblewrap >=3D 0.4.1 > > nautilus-40.2-alt1:sisyphus+273636.100.1.1@1622839872 > > =D0=A2=D1=80=D0=B5=D0=B1=D1=83=D0=B5=D1=82: > > bubblewrap-0.4.1-alt2:sisyphus+276333.100.1.1@1624975014 > > libflatpak-1.10.2-alt3:p10+284327.3300.7.2@1632434786 > > =D0=A2=D1=80=D0=B5=D0=B1=D1=83=D0=B5=D1=82: > > bubblewrap-0.4.1-alt2:sisyphus+276333.100.1.1@1624975014 > >=20 > > =D0=90 libgnome-desktop3 =D1=8D=D1=82=D0=BE, =D0=B8=D0=B7=D0=B2=D0=B8= =D0=BD=D0=B8=D1=82=D0=B5, gnome-settings-daemon =D0=B8 =D0=B2=D1=81=D1=91, > > =D1=87=D1=82=D0=BE =D1=81 =D0=BD=D0=B8=D0=BC =D1=81=D0=B2=D1=8F=D0=B7= =D0=B0=D0=BD=D0=BE. =D0=A2=D0=B0=D0=BA=D0=B8=D0=BC =D0=BE=D0=B1=D1=80=D0=B0= =D0=B7=D0=BE=D0=BC, =D0=BD=D0=B0=D0=BC =D0=B2 =D0=BB=D1=8E=D0=B1=D0=BE=D0= =B9 =D0=B4=D0=B5=D1=81=D0=BA=D1=82=D0=BE=D0=BF=D0=BD=D1=8B=D0=B9 =D0=B4=D0= =B8=D1=81=D1=82=D1=80=D0=B8=D0=B1=D1=83=D1=82=D0=B8=D0=B2 =D1=81 gtk3 =D0= =BD=D0=B5=D1=87=D1=83=D0=B2=D1=81=D1=82=D0=B2=D0=B8=D1=82=D0=B5=D0=BB=D1=8C= =D0=BD=D0=BE =D0=BF=D1=80=D0=B8=D0=B5=D0=B7=D0=B6=D0=B0=D0=B5=D1=82 kernel= .userns_restrict=3D0 =D0=B8 =D1=8F =D1=81=D1=87=D0=B8=D1=82=D0=B0=D1=8E, = =D1=87=D1=82=D0=BE =D1=8D=D1=82=D0=BE > > =D0=B1=D0=BB=D0=BE=D0=BA=D0=B5=D1=80. =D0=9D=D0=BE =D0=BD=D0=B0 =D1=87= =D1=82=D0=BE =D0=B2=D0=B5=D1=88=D0=B0=D1=82=D1=8C =D0=BD=D0=B5=D0=BF=D0=BE= =D0=BD=D1=8F=D1=82=D0=BD=D0=BE, =D0=BD=D0=B8 =D0=BA =D0=BF=D1=83=D0=B3=D0= =BE=D0=B2=D0=B8=D1=86=D0=B0=D0=BC, =D0=BD=D0=B8 =D0=BA =D1=80=D1=83=D0=BA= =D0=B0=D0=B2=D0=B0=D0=BC =D0=BF=D1=80=D0=B5=D1=82=D0=B5=D0=BD=D0=B7=D0=B8= =D0=B9 =D0=BD=D0=B5=D1=82, =D0=BD=D0=BE =D0=BF=D0=B8=D0=B4=D0=B6=D0=B0=D0= =BA =D0=B2 =D1=86=D0=B5=D0=BB=D0=BE=D0=BC =D0=BD=D0=B8=D0=BA=D1=83=D0=B4=D0= =B0 =D0=BD=D0=B5 =D0=B3=D0=BE=D0=B4=D0=B5=D0=BD. =20 >=20 > =D0=9D=D1=83 =D1=87=D1=82=D0=BE, =D0=B2 =D0=BB=D1=83=D1=87=D1=88=D0=B8=D1= =85 =D1=82=D1=80=D0=B0=D0=B4=D0=B8=D1=86=D0=B8=D1=8F=D1=85 =D0=97=D0=B5=D1= =80=D0=B3=D0=B0 =D0=BF=D0=B0=D0=BA=D1=83=D0=B5=D0=BC =D0=B2 =D0=BA=D0=B0=D0= =BA=D0=BE=D0=B9-=D0=BD=D0=B8=D0=B1=D1=83=D0=B4=D1=8C =D0=BD=D0=B5=D1=83=D0= =B4=D0=B0=D0=BB=D1=8F=D0=B5=D0=BC=D1=8B=D0=B9 =D0=BF=D0=B0=D0=BA=D0=B5=D1=82 > /lib/sysctl.d/99-zalt.conf =D1=81 kernel.userns_restrict=3D1? =20 =D0=9D=D1=83, =D0=B4=D0=BB=D1=8F =D0=B4=D0=B8=D1=81=D1=82=D1=80=D0=B8=D0=B1= =D1=83=D1=82=D0=B8=D0=B2=D0=B0 =D0=BC=D0=BE=D0=B6=D0=BD=D0=BE =D1=81=D0=B4= =D0=B5=D0=BB=D0=B0=D1=82=D1=8C =D0=B8=D0=BD=D1=81=D1=82=D0=B0=D0=BB=D0=BB= =D0=B5=D1=80-=D1=84=D0=B8=D1=87=D1=83, =D0=BA=D0=BE=D1=82=D0=BE=D1=80=D0=B0= =D1=8F =D0=BF=D0=BE=D0=B4=D0=BB=D0=BE=D0=B6=D0=B8=D1=82 /=D0=B5=D0=B5=D1=81/sysctl.d/90-bwrap.conf. =D0=9D=D0=BE =D0=B2=D0=BE=D0=BE=D0=B1=D1=89=D0=B5 =D1=85=D0=BE=D1=82=D0=B5= =D0=BB=D0=BE=D1=81=D1=8C =D0=B1=D1=8B =D1=80=D0=B5=D1=88=D0=B8=D1=82=D1=8C = =D0=BA=D0=B0=D0=BA-=D1=82=D0=BE =D1=86=D0=B8=D0=B2=D0=B8=D0=BB=D0=B8=D0=B7= =D0=BE=D0=B2=D0=B0=D0=BD=D0=BD=D0=BE. =D0=9C=D0=BE=D0=B6=D0=B5=D1=82 contro= l =D0=B2 bubblewrap? --=20 WBR, Mikhail Efremov