Quoting Eric W. Biederman (ebiederm at xmission.com): > "Serge E. Hallyn" <serue at us.ibm.com> writes: > So in summary my only real complaint with removing CONFIG_USER_NS is > that it appears to me that the code is incomplete and has not been > closely scrutinized. As such making it available to end users without Valid complaint. > even a warning when that is the case appears irresponsible. > Especially as much of the code that is sitting in Andrews tree is > merged into the production kernel, when the window opens. An experimental marker like Cedric introduced does seem a good idea. It's just too bad that it complicates the testing quite a bit. I'm still not sure whether just running ltp on a CONFIG_USER_NS=n kernel suffices or whether custom testcases are needed. -serge