Test for /proc/self/ns/user instead of sysctl

2022-01-25 14:31:34 +01:00
parent 57ce2d3690
commit 1a6cb09ec9
1 changed files with 6 additions and 3 deletions
--- a/updates/helper/electron.go
+++ b/updates/helper/electron.go
@@ -23,10 +23,14 @@ func EnsureChromeSandboxPermissions(reg *updater.ResourceRegistry) error {
 		return nil
 	}

-	if checkSysctl("kernel.unprivileged_userns_clone", '1') {
-		log.Debug("updates: kernel support for unprivileged USERNS_CLONE is enabled")
+	_, err := os.Stat("/proc/self/ns/user")
+	if err == nil {
 		return nil
 	}
+	if !os.IsNotExist(err) {
+		return err
+	}
+	// err == ENOENT

 	if pmElectronUpdate != nil && !pmElectronUpdate.UpgradeAvailable() {
 		return nil
@@ -35,7 +39,6 @@ func EnsureChromeSandboxPermissions(reg *updater.ResourceRegistry) error {

 	log.Debug("updates: kernel support for unprivileged USERNS_CLONE disabled")

-	var err error
 	pmElectronUpdate, err = reg.GetFile(identifier)
 	if err != nil {
 		return err