shenmo7192/sbs-scripts
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

bwrap config

Browse Source
This commit is contained in:
shenmo
2025-04-08 15:25:30 +08:00
parent d85d26ad86
commit d4d6a4f960
1 changed files with 13 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
amd64/additional-base-lib/build.sh
View File

@@ -274,6 +274,19 @@ echo " libstdc++6 download URL: $LIBSTDCxx6_DOWNLOAD_URL" >> ./deb-contents/DEBI
echo >> ./deb-contents/DEBIAN/control echo >> ./deb-contents/DEBIAN/control
check $? check $?
mkdir -p ./deb-contents/usr/lib/sysctl.d/
cat > ./deb-contents/usr/lib/sysctl.d/additional-base-lib.conf << 'EOF'
# ACE app runs in a container, need privileges within user namespace, so we need to set it
kernel.unprivileged_userns_clone=1
# Ubuntu 24.04 has more limitation on unprivileged user namespace,so we have to disable them.
# refer to https://ubuntu.com/blog/ubuntu-23-10-restricted-unprivileged-user-namespaces
kernel.apparmor_restrict_unprivileged_unconfined=0
kernel.apparmor_restrict_unprivileged_userns=0
EOF
echo echo
echo "build deb package:" echo "build deb package:"
dpkg-deb -Z xz -b ./deb-contents "./additional-base-lib_${GLIBC_VERSION}-${ABL_VERSION}_${DEBIAN_DEB_ARCH}.deb" dpkg-deb -Z xz -b ./deb-contents "./additional-base-lib_${GLIBC_VERSION}-${ABL_VERSION}_${DEBIAN_DEB_ARCH}.deb"