On Mon, 07 Dec 2020 05:51:05 +0900
yasu wrote:
> Hi Zimoun,
>
> I tried as you suggested but it didn't work...
>
>
>root@guix ~# echo "kernel.unprivileged_userns_clone = 1" >
>/etc/sysctl.d/local.conf
>-bash: /etc/sysctl.d/local.conf: No such file or directory
This could mean you
This issue seems to be gone for me with kernel 5.10.x.
I guess it was a kernel bug then.
--
Pierre Neidhardt
https://ambrevar.xyz/
signature.asc
Description: PGP signature
Hi,
On Mon, 07 Dec 2020 at 21:35, Pierre Neidhardt wrote:
>> Thanks, that gives us a clue. So all or part of the path
>> '/proc/sys/kernel' is missing?
>
> Nope, my /proc/sys/kernel has 121 direct files and directories :/
Well, it is expected. And now all is clear. Explanations starting
Hi Pierre,
> # echo 1 > /proc/sys/kernel/unprivileged_userns_clone
> -bash: /proc/sys/kernel/unprivileged_userns_clone: No such file or
> directory
Thanks, that gives us a clue. So all or part of the path
'/proc/sys/kernel' is missing?
Best regards,
Paul.
Hi Paul,
> Can you try, as root on Guix System:
>
> $ echo 1 > /proc/sys/kernel/unprivileged_userns_clone
# echo 1 > /proc/sys/kernel/unprivileged_userns_clone
-bash: /proc/sys/kernel/unprivileged_userns_clone: No such file or directory
--
Pierre Neidhardt
https://ambrevar.xyz/
signature.asc
Hi Pierre,
On Mon, 07 Dec 2020 at 12:57, Pierre Neidhardt wrote:
> Guix' bug?
You get something as:
$ guix environment -C guix
guix environment: error: cannot create container: unprivileged user cannot
create user namespaces
guix environment: error: please set
Just FYI (sorry to interject) , my original email was stripped of html
elements? anyway, I was referring to this link
https://security.stackexchange.com/questions/209529/what-does-enabling-kernel-unprivileged-userns-clone-do#comment442083_209533
-Yasu
> On Dec 7, 2020, at 21:31, Paul Garlick
Hi!
I can reproduce the issue since I 'recondigure'd my Guix System.
I'm on cebfb29abb151ede95696181d2446c63504593d7.
Guix' bug?
--
Pierre Neidhardt
https://ambrevar.xyz/
signature.asc
Description: PGP signature
Hi Pierre,
Can you try, as root on Guix System:
$ echo 1 > /proc/sys/kernel/unprivileged_userns_clone
If you could report success or failure that would be helpful; the
unprivileged-user-namespace-supported? test in gnu/build/linux-
container.scm should be the same irrespective of the underlying
Hi All,
I believe the recommended suggestion is Debian specific is it not?
My kernel supports user namespaces and doesn't expose that file at that
location.
The only way I can work around the issue is to downgrade guix to the commit
on the master branch right before
Hi Zimoun,
I tried as you suggested but it didn't work...
root@guix ~# echo "kernel.unprivileged_userns_clone = 1" >
/etc/sysctl.d/local.conf
-bash: /etc/sysctl.d/local.conf: No such file or directory
root@guix ~# sysctl --system
root@guix ~# logout
~$ guix environment -C
Hi,
Please try the recommendation. Have you tried it?
please set /proc/sys/kernel/unprivileged_userns_clone to "1"
As root, you just do:
echo 1 > /proc/sys/kernel/unprivileged_userns_clone
then “guix environment -C” should work as expected. To do the trick
automatically with Sheperd, I
yasu 写道:
Now, I don't use Debian at all (I use Guix System) and do you
think
this is a Bug in Guix (in that this Debian specific word should
never
even be mentioned in Guix?)
It's not Debian-specific. It is a bug in Guix.
It should try to create a namespace and properly report an error
Hi,
I really don't know much about Linux but it looks like the problem I
reported has something to do with Debian?
https://unix.stackexchange.com/questions/303213/how-to-enable-user-namespaces-in-the-kernel-for-unprivileged-unshare
Now, I don't use Debian at all (I use Guix System) and do you
14 matches
Mail list logo