From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) on sa.local.altlinux.org X-Spam-Level: X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,DKIM_SIGNED, T_DKIM_INVALID autolearn=no autolearn_force=no version=3.4.1 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=altlinux.org; s=dkim; h=Subject:In-Reply-To:Content-Type:MIME-Version: References:Message-ID:To:From:Date:Sender:Reply-To:Cc: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=b3C9ceh4nhFwgNTZHPKgAUPJCVrsTbwZPBBDIwrr+44=; b=xGZq2QQDJyiU6q8ydONr+Cq/PV ybz7n9KuSezTQMtyHyfqqlkXr+aQT43v1kCCWq8nEq07Ux+nXmAEVXtgmlDxHUK67HQjwOUXOJFqX fw1Y4tAZczHFo9JHTw7/wR/pIajKXd6/qIXs/F5dSzbE3Y/qgExeB5KUyUD4ggiuC6RV+SboSaE7L D1Wju4UAMcMONk5S/dSMS5631rv4xdd7o/5KV8mJvcja8+Ro9DD3gwSKQ/fu16SKwtH+7FQBBVenv j3nZLTd/Znd7CKl2NfsY1/egvn/MQqK38DZrLk0izX6H9rNP5MwZQUyYPjhZPMYGb3ORKfs8cBS1v P9C2799Q==; Date: Fri, 26 Nov 2021 14:29:26 +0300 From: Arseny Maslennikov To: ALT Linux Team development discussions Message-ID: References: <20211118143605.742f6370@tower> <20211126134036.7a326d6f@tower> <603d5fd2-372a-f654-c0bf-a742d59fcb8c@basealt.ru> <3489618.44csPzL39Z@zerg.malta.altlinux.ru> <20211126141726.65ced23f@tower> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="8RqqAdjO8V+p4pHR" Content-Disposition: inline In-Reply-To: <20211126141726.65ced23f@tower> OpenPGP: url=http://grep.cs.msu.ru/~ar/pgp-key.asc X-SA-Exim-Connect-IP: 37.204.119.143 X-SA-Exim-Mail-From: arseny@altlinux.org X-SA-Exim-Version: 4.2.1 X-SA-Exim-Scanned: No (on mail.cs.msu.ru); Unknown failure Subject: Re: [devel] kernel.userns_restrict X-BeenThere: devel@lists.altlinux.org X-Mailman-Version: 2.1.12 Precedence: list Reply-To: ALT Linux Team development discussions List-Id: ALT Linux Team development discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 Nov 2021 11:29:46 -0000 Archived-At: List-Archive: List-Post: --8RqqAdjO8V+p4pHR Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Nov 26, 2021 at 02:17:26PM +0300, Anton V. Boyarshinov wrote: > > > =D0=94=D0=BB=D1=8F chromium =D0=B2=D0=BE=D1=82 =D1=82=D1=83=D1=82 =D0= =B5=D1=81=D1=82=D1=8C =D0=BD=D0=B5=D0=BA=D0=BE=D1=82=D0=BE=D1=80=D1=8B=D0= =B5 =D0=BF=D0=BE=D0=B4=D1=80=D0=BE=D0=B1=D0=BD=D0=BE=D1=81=D1=82=D0=B8: > > >=20 > > > https://github.com/puppeteer/puppeteer/blob/main/docs/troubleshooting= =2Emd#set > > > ting-up-chrome-linux-sandbox =20 > > "[recommended] Enable user namespace cloning:" > >=20 > > # sysctl kernel.unprivileged_userns_clone > > sysctl: cannot stat /proc/sys/kernel/unprivileged_userns_clone: =D0=9D= =D0=B5=D1=82 =D1=82=D0=B0=D0=BA=D0=BE=D0=B3=D0=BE=20 > > =D1=84=D0=B0=D0=B9=D0=BB=D0=B0 =D0=B8=D0=BB=D0=B8 =D0=BA=D0=B0=D1=82=D0= =B0=D0=BB=D0=BE=D0=B3=D0=B0 > >=20 > > # uname -r > > 5.10.80-std-def-alt1 > > =D0=BD=D0=B5=D0=B4=D0=BE=D1=81=D1=82=D0=B0=D1=82=D0=BE=D1=87=D0=BD=D0= =BE =D0=BD=D0=BE=D0=B2=D0=BE=D0=B5? >=20 > =D0=A3 =D0=BD=D0=B0=D1=81 =D0=B8=D1=81=D0=BF=D0=BE=D0=BB=D1=8C=D0=B7=D1= =83=D0=B5=D1=82=D1=81=D1=8F =D0=BD=D0=B5 =D1=82=D0=B0=D0=BA=D0=B0=D1=8F =D1= =80=D0=B5=D0=B0=D0=BB=D0=B8=D0=B7=D0=B0=D1=86=D0=B8=D1=8F =D1=8D=D1=82=D0= =BE=D0=B3=D0=BE =D0=BE=D0=B3=D1=80=D0=B0=D0=BD=D0=B8=D1=87=D0=B5=D0=BD=D0= =B8=D1=8F, =D0=BA=D0=B0=D0=BA =D0=B2 Debian. > =D0=98=D0=BC=D1=8F =D0=BF=D0=B0=D1=80=D0=B0=D0=BC=D0=B5=D1=82=D1=80=D0=B0= =D0=B8 =D1=81=D0=BC=D1=8B=D1=81=D0=BB =D0=B5=D0=B3=D0=BE =D0=B7=D0=BD=D0= =B0=D1=87=D0=B5=D0=BD=D0=B8=D0=B9 =D0=B4=D1=80=D1=83=D0=B3=D0=B8=D0=B5. =D0=A1=D0=B0=D0=BC=D0=BE =D0=BF=D0=BE =D1=81=D0=B5=D0=B1=D0=B5 =D1=8D=D1=82= =D0=BE =D0=BD=D0=B5 =D1=85=D0=BE=D1=80=D0=BE=D1=88=D0=BE =D0=B8 =D0=BD=D0= =B5 =D0=BF=D0=BB=D0=BE=D1=85=D0=BE... > =D0=A3 =D0=BD=D0=B0=D1=81 =D0=BA=D0=B0=D0=BA =D0=B2 Ubuntu.=20 =D0=9D=D0=B5=D1=82, =D1=83 =D0=BD=D0=B0=D1=81 =D0=BD=D0=B5 =D0=BA=D0=B0=D0= =BA =D0=B2 Ubuntu. =D0=A1=D0=BF=D0=B5=D1=88=D1=83 =D1=80=D0=B0=D0=B7=D0=BE=D1=87=D0=B0=D1=80= =D0=BE=D0=B2=D0=B0=D1=82=D1=8C: root@www-f7e3ae:~# grep D /etc/os-release ID=3Dubuntu ID_LIKE=3Ddebian VERSION_ID=3D"18.04" VERSION_CODENAME=3Dbionic UBUNTU_CODENAME=3Dbionic root@www-f7e3ae:~# sysctl kernel.unprivileged_userns_clone kernel.unprivileged_userns_clone =3D 0 root@www-f7e3ae:~# sysctl kernel.userns_restrict sysctl: cannot stat /proc/sys/kernel/userns_restrict: No such file or dir= ectory --8RqqAdjO8V+p4pHR Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE56JD3UKTLEu/ddrm9dQjyAYL01AFAmGgxRIACgkQ9dQjyAYL 01BKihAA2KmufNt5MswKHa9Qo7JbQiM4CEna2hnvxZHazQY67906HiN5dz8nHKq4 0zBD3hEvNuagp2tsVLeGhsGKZRYytQdGnX2IZ35bSKSmjpwoLo485bATeNX42Kg9 6/KubdYKPu+3Ud7cQ+kygAalTeoXWb+BaFz72n9AhuxNa/QBZzIdrkn4GTk1er0A 5c3qHek0vk5EcSorBXPhwgxq0e5gB+o9x/7cv0N6UIPwJtLs9qfXfgM0uiMkMh61 5vyYKNj5holJ+GfS4RILPyXHWBbDOP+JwdI4huQm0swELzWJYyZ+sglHsjnC6XCQ nY/CEPk/tLaRlT/OnldtD2D98KcGxU6yDWXVnHzlfUb3LaVgQ2MBhMlXZgWQ1PsY GYEXwqCM1FubctNFDNZn2OXOsNbgFYuQEMmZU3+otv53URbnWEk5pD/2/y4+WipJ gcrz5yTHebnYPGcz/A6p7KlS4SApvqRj+LWl2u5Q2qhEUsgvjym21/aoE/vCbfPq uGZBbqCtBzCXF3sW05e1AdmKwS51JPPmcvildgnWplF3PjpVj/c2EH8Ri1hkbQTS sa7yBmT7BQdVFIZ4QOzYvVn3qjXdF9Yl3QqI7HOtuYaqkGuZceBAfLg9EOgpeXxF 2YBtoHu1RYTm0w4ijrdjB6ZX04BxARem6WnomzGL2gZD3dhV1tE= =haRa -----END PGP SIGNATURE----- --8RqqAdjO8V+p4pHR--