From 1e150144e66ba1cc28e757862b1cf71176ef7722 Mon Sep 17 00:00:00 2001
From: Albert S <mail@quitesimple.org>
Date: Mon, 12 Aug 2019 09:06:32 +0200
Subject: [PATCH] sandboxing: check whether debian specific patch disables user
 namespaces for unpriv users

---
 sandbox/sandbox-linux.cpp | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/sandbox/sandbox-linux.cpp b/sandbox/sandbox-linux.cpp
index ad31d49..2add804 100644
--- a/sandbox/sandbox-linux.cpp
+++ b/sandbox/sandbox-linux.cpp
@@ -196,6 +196,19 @@ bool SandboxLinux::enablePreWorker(std::vector<std::string> fsPaths)
 
 bool SandboxLinux::supported()
 {
+	std::fstream stream;
+	stream.open("/proc/sys/kernel/unprivileged_userns_clone");
+	if(stream.is_open())
+	{
+		std::string str;
+		stream >> str;
+		if(str[0] == '0')
+		{
+			Logger::error() << "Please write '1' to /proc/sys/kernel/unprivileged_userns_clone in order to enable "
+							   "sandboxing support on this system";
+			return false;
+		}
+	}
 	return true;
 }
 bool SandboxLinux::enableForWorker()