Assemble the list of userns-scoped sysctls

Some sysctls are modifiable in a user namespace, some are not. We should have the list of such sysctls.
This work is hard, but the list of sysctls that cannot be even read can be easily identified:
```console
$ uname -a
Linux suda-ws01 5.11.0-17-generic #18-Ubuntu SMP Thu May 6 20:10:11 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux

$ unshare -rminpCTf --mount-proc sysctl -a >/dev/null
sysctl: permission denied on key 'fs.protected_fifos'
sysctl: permission denied on key 'fs.protected_hardlinks'
sysctl: permission denied on key 'fs.protected_regular'
sysctl: permission denied on key 'fs.protected_symlinks'
sysctl: permission denied on key 'kernel.apparmor_display_secid_mode'
sysctl: permission denied on key 'kernel.cad_pid'
sysctl: permission denied on key 'kernel.unprivileged_userns_apparmor_policy'
sysctl: permission denied on key 'kernel.usermodehelper.bset'
sysctl: permission denied on key 'kernel.usermodehelper.inheritable'
sysctl: permission denied on key 'vm.mmap_rnd_bits'
sysctl: permission denied on key 'vm.mmap_rnd_compat_bits'
sysctl: permission denied on key 'vm.stat_refresh'
```

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Assemble the list of userns-scoped sysctls #34

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Assemble the list of userns-scoped sysctls #34

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions