On Thu, 2 Feb 2017 05:13:46 +0100 sivmu <sivmu@web.de> wrote:
On 02.02.2017 at 05:10, Maxwell Anselm via arch-general wrote:
All those distros, everyone except arch has decided at some point to no longer restrict the use of unprivileged user namespaces.
In no way whatsoever does Arch restrict the use of unprivileged user namespaces. Rebuilding your kernel with them enabled is a trivial task for any user familiar with ABS. If you feel this strongly about it please write a wiki article about the benefits/tradeoffs and link it with the relevant application articles (Firejail, Security, etc.).
Max
This issue is about the default arch kernel disabling user namespaces and the consequence that many applications have to use insecure workarounds like suid to still work on arch.
This has nothing to do with the general ability to use user namespaces on arch, this is about the default kernel.
You have said multiple times that Arch is restricting this. They're not. It's simply not there by default, like just about everything in Arch. Build your own kernel and move on.