vikarti.anatra/safing-portmaster
1
0
Fork 0
mirror of https://github.com/safing/portmaster synced 2025-09-02 18:49:14 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Test for /proc/self/ns/user instead of sysctl

Browse source
This commit is contained in:
Patrick Pacher 2022-01-25 14:31:34 +01:00
parent 57ce2d3690
commit 1a6cb09ec9
1 changed files with 6 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
updates/helper/electron.go
View file

@ -23,10 +23,14 @@ func EnsureChromeSandboxPermissions(reg *updater.ResourceRegistry) error {
return nil return nil
} }
if checkSysctl("kernel.unprivileged_userns_clone", '1') { _, err := os.Stat("/proc/self/ns/user")
log.Debug("updates: kernel support for unprivileged USERNS_CLONE is enabled") if err == nil {
return nil return nil
} }
if !os.IsNotExist(err) {
return err
}
// err == ENOENT
if pmElectronUpdate != nil && !pmElectronUpdate.UpgradeAvailable() { if pmElectronUpdate != nil && !pmElectronUpdate.UpgradeAvailable() {
return nil return nil
@ -35,7 +39,6 @@ func EnsureChromeSandboxPermissions(reg *updater.ResourceRegistry) error {
log.Debug("updates: kernel support for unprivileged USERNS_CLONE disabled") log.Debug("updates: kernel support for unprivileged USERNS_CLONE disabled")
var err error
pmElectronUpdate, err = reg.GetFile(identifier) pmElectronUpdate, err = reg.GetFile(identifier)
if err != nil { if err != nil {
return err return err