diff --git a/sandbox/sandbox-linux.cpp b/sandbox/sandbox-linux.cpp index 1ebb002..4a17bd6 100644 --- a/sandbox/sandbox-linux.cpp +++ b/sandbox/sandbox-linux.cpp @@ -200,6 +200,18 @@ bool SandboxLinux::enablePreWorker(std::vector fsPaths) bool SandboxLinux::supported() { + std::fstream stream; + stream.open("/proc/sys/kernel/unprivileged_userns_clone"); + if(stream.is_open()) + { + std::string str; + stream >> str; + if(str[0] == '0') + { + Logger::error() << "Please write '1' to /proc/sys/kernel/unprivileged_userns_clone in order to enable sandboxing support on this system"; + return false; + } + } return true; } bool SandboxLinux::enableForWorker()