Enable sandboxing by default

Closes #179.

tests/common.sh.in

@@ -85,16 +85,13 @@ killDaemon() {
     trap "" EXIT
 }
 
+if [[ $(uname) == Linux ]] && [[ -L /proc/self/ns/user ]] && unshare --user true; then
+    _canUseSandbox=1
+fi
+
 canUseSandbox() {
-    if [[ $(uname) != Linux ]]; then return 1; fi
-
-    if [ ! -L /proc/self/ns/user ]; then
-        echo "Kernel doesn't support user namespaces, skipping this test..."
-        return 1
-    fi
-
-    if ! unshare --user true ; then
-        echo "Unprivileged user namespaces disabled by sysctl, skipping this test..."
+    if [[ ! $_canUseSandbox ]]; then
+        echo "Sandboxing not supported, skipping this test..."
         return 1
     fi
 

tests/init.sh

@@ -16,6 +16,7 @@ mkdir "$NIX_CONF_DIR"
 cat > "$NIX_CONF_DIR"/nix.conf <<EOF
 build-users-group =
 keep-derivations = false
+sandbox = false
 include nix.conf.extra
 EOF