mirror of
				https://git.launchpad.net/livecd-rootfs
				synced 2025-10-25 05:54:16 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			17 lines
		
	
	
		
			832 B
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			17 lines
		
	
	
		
			832 B
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| # AppArmor restrictions of unprivileged user namespaces
 | |
| 
 | |
| # Allows to restrict the use of unprivileged user namespaces to applications
 | |
| # which have an AppArmor profile loaded which specifies the userns
 | |
| # permission. All other applications (whether confined by AppArmor or not) will
 | |
| # be denied the use of unprivileged user namespaces.
 | |
| #
 | |
| # See
 | |
| # https://gitlab.com/apparmor/apparmor/-/wikis/unprivileged_userns_restriction
 | |
| # https://gitlab.com/apparmor/apparmor/-/wikis/unprivileged_unconfined
 | |
| #
 | |
| # If it is desired to disable this restriction, it is preferable to create an
 | |
| # additional file named /etc/sysctl.d/20-apparmor.conf which will override this
 | |
| # current file and sets this value to 0 rather than editing this current file
 | |
| kernel.apparmor_restrict_unprivileged_userns = 0
 | |
| kernel.apparmor_restrict_unprivileged_unconfined = 1
 |