
Ironically, if running sudo root the path to test-bwrap may be unreachable in the user namespace as root does not have permission, and CAP_DAC_OVERRIDE only works for mapped uids. Fix by using /proc/self/exe for nested bwrap.
Ironically, if running sudo root the path to test-bwrap may be unreachable in the user namespace as root does not have permission, and CAP_DAC_OVERRIDE only works for mapped uids. Fix by using /proc/self/exe for nested bwrap.