- Requires kernel >= 4.18 with CONFIG_USER_NS=yes and sysctl kernel.unprivileged_userns_clone = 1
- The /dev/fuse device must be already present because creating it requires CAP_MKNOD, which is not governed by a name space
- Can be tested with
- unshare --user --map-root-user --mount
- Bind mount /dev /sys /proc /etc/resolv.conf onto a Ubuntu root fs
- chroot into the Ubuntu root fs, run sshfs
- We should check wether we can connect to the same shared cache manager from multiple name spaces