From 6eb47daf84f2462488d252a0505ade14e6a31e25 Mon Sep 17 00:00:00 2001 From: Albert S Date: Mon, 28 Mar 2022 19:25:55 +0200 Subject: [PATCH] README: Update Debian section --- README.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 854c5b0..4196b5e 100644 --- a/README.md +++ b/README.md @@ -184,7 +184,7 @@ TODO: ## Requirements Kernel >=3.17 -While mostly transparent to users of this API, kernel >= 5.13 is required to take advantage of Landlock and furthermore it depends on distro-provided kernels being reasonable and enabling it by default. In practise, this means that Landlock probably won't be used for now, and exile.h will use a combination of namespaces, bind mounts and chroot as fallbacks. +While mostly transparent to users of this API, kernel >= 5.13 is required to take advantage of Landlock. Furthermore, it depends on distro-provided kernels being reasonable and enabling it by default. In practise, this means that Landlock probably won't be used for now, and exile.h will use a combination of namespaces, bind mounts and chroot as fallbacks. ## FAQ @@ -194,12 +194,12 @@ While mostly transparent to users of this API, kernel >= 5.13 is required to tak No. -### It doesn't work on Debian! - -You can thank a Debian-specific kernel patch for that. In the future, -the library may check against that. Execute +### It doesn't work on my Debian version! +You can thank a Debian-specific kernel patch for that. Execute `echo 1 > /proc/sys/kernel/unprivileged_userns_clone` to disable that patch for now. +Note that newer releases should not cause this problem any longer, as [explained](https://www.debian.org/releases/bullseye/amd64/release-notes/ch-information.en.html#linux-user-namespaces) in the Debian release notes. + ### Examples - looqs: https://gitea.quitesimple.org/crtxcr/looqs - qswiki: https://gitea.quitesimple.org/crtxcr/qswiki