no longer set kernel.unprivileged_userns_clone=0

because it breaks too much

fixes https://github.com/Kicksecure/security-misc/issues/274

usr/lib/sysctl.d/990-security-misc.conf

@@ -142,10 +142,11 @@ kernel.sysrq=0
 ## https://github.com/Kicksecure/security-misc/pull/263
 ## https://github.com/Kicksecure/security-misc/issues/274
 ##
-## KSPP=partial
-## KSPP sets sysctls kernel.unprivileged_userns_clone=0 and user.max_user_namespaces=0.
+## KSPP=no
+## KSPP sets user.max_user_namespaces=0 sysctl, a Linux mainline, stricter setting.
 ##
-kernel.unprivileged_userns_clone=0
+## kernel.unprivileged_userns_clone is a Debian specific kernel feature. Not Linux mainline.
+#kernel.unprivileged_userns_clone=0
 ## Uncomment the following sysctl to entirely disable user namespaces.
 #user.max_user_namespaces=0