Firejail: https://firejail.wordpress.com/support/#userns outdated
Arch Linux has supported user namespaces in the linux package/s since version 4.14.4-2. The bug mentioned is closed.
polyzen
All 4 comments
It's supported but still disabled by default. It's exactly what Debian does for a long time.
Vincent43
on 27 Mar 2018
Thanks, I modified the web page. The problem was user namespace wasn't compiled in the kernel, so they put it in and disabled it. We can use it even if it is disabled.
netblue30
on 27 Mar 2018
@Vincent43 it's enabled for root though (or other similarly-priviledged users), right? Since firejail uses SUID, is it able to use namespaces?
I did noticed that I no longer get the Warning: noroot option is not available on Arch. I'm not sure if this is because namespaces are now compiled in but non-accessible to firejail, or if firejail is actually able to use them.
Fred-Barclay
on 28 Mar 2018
@Fred-Barclay yes, I should say "restricted" rather than "disabled". I have no idea if firejail use namespaces when they're restricted to root. Maybe @netblue30 could clear that for us. Also I read that privileged namespaces have no security value.
Vincent43
on 28 Mar 2018
Related issues
ericschdt
路
3Comments
fl-chris
路
4Comments
bryce-lynch
路
4Comments
kruthe01
路
4Comments
thiswillbeyourgithub
路
3Comments
Most helpful comment
@Fred-Barclay yes, I should say "restricted" rather than "disabled". I have no idea if firejail use namespaces when they're restricted to root. Maybe @netblue30 could clear that for us. Also I read that privileged namespaces have no security value.