Namespaces

Some portable packages use user namespaces for sandboxing, which may be restricted on certain systems.

Common Errors

clone failed: Operation not permitted

user namespaces are not enabled

Solutions

Enable User Namespaces

Check current setting:

sysctl kernel.unprivileged_userns_clone

Enable temporarily:

sudo sysctl -w kernel.unprivileged_userns_clone=1

Enable permanently:

echo 'kernel.unprivileged_userns_clone=1' | sudo tee /etc/sysctl.d/userns.conf
sudo sysctl --system

Debian/Ubuntu Specific

Use --no-sandbox

Some applications accept --no-sandbox flag (use with caution).