Chris's Wiki :: blog/linux/OverlayfsNoMore Commentshttps://utcc.utoronto.ca/~cks/space/blog/linux/OverlayfsNoMore?atomcommentsDWiki2017-03-09T14:53:13ZRecent comments in Chris's Wiki :: blog/linux/OverlayfsNoMore.By Simon Deziel on /blog/linux/OverlayfsNoMoretag:CSpace:blog/linux/OverlayfsNoMore:f52e8da2da75b5e52ca9c88992eb5ccb662ea96aSimon Dezielhttps://sdeziel.info<div class="wikitext"><p>Fortunately, user namespaces creation can be restricted to privileged users:</p>
<pre>
$ cat /etc/sysctl.d/60-unprivileged-userns-clone.conf
# Prevent unprivileged users cloning userns
kernel.unprivileged_userns_clone = 0
</pre>
</div>2017-03-09T14:53:13ZBy Alan on /blog/linux/OverlayfsNoMoretag:CSpace:blog/linux/OverlayfsNoMore:097fd95c101f5401a6b10b7e3a19bd3ef0e84270Alanhttps://twitter.com/sourcejedi<div class="wikitext"><p>Debian has a sysctl patched in. It's shame if Ubuntu didn't pick it up.</p>
<p><a href="http://lwn.net/Articles/673597/">http://lwn.net/Articles/673597/</a></p>
</div>2016-02-23T15:07:08Z