[CRIU] [PATCH 4/5] userns: parse /proc/PID/{u,g}id_map
Pavel Emelyanov
xemul at parallels.com
Mon Feb 10 21:27:32 PST 2014
On 02/11/2014 09:17 AM, Andrew Vagin wrote:
> On Tue, Feb 11, 2014 at 08:47:48AM +0400, Pavel Emelyanov wrote:
>> On 02/11/2014 12:58 AM, Andrey Vagin wrote:
>>> Signed-off-by: Andrey Vagin <avagin at openvz.org>
>>> ---
>>> namespaces.c | 107 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++--
>>> 1 file changed, 105 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/namespaces.c b/namespaces.c
>>> index 8119d99..524b47b 100644
>>> --- a/namespaces.c
>>> +++ b/namespaces.c
>>> @@ -15,6 +15,7 @@
>>>
>>> #include "protobuf.h"
>>> #include "protobuf/ns.pb-c.h"
>>> +#include "protobuf/userns.pb-c.h"
>>>
>>> static struct ns_desc *ns_desc_array[] = {
>>> &net_ns_desc,
>>> @@ -388,12 +389,114 @@ int gen_predump_ns_mask(void)
>>> return 0;
>>> }
>>>
>>> -static int dump_user_ns(pid_t pid, int ns_id)
>>> +static int parse_id_map(pid_t pid, char *name, UidGidExtent ***pb_exts)
>>> {
>>> - pr_err("User namesapces are not supported yet\n");
>>> + UidGidExtent *extents = NULL;
>>> + int len = 0, size = 0, fd, ret, i;
>>> + FILE *f;
>>> +
>>> + fd = open_proc(pid, "%s", name);
>>
>> fd is left opened.
>
> No, it isn't
>
> The file descriptor is not dup'ed, and will be closed when the
> stream created by fdopen() is closed
OK
>>
>>> + if (fd < 0) {
>>> + pr_perror("Unable to open %s", name);
>>> + return -1;
>>
>> Will it always fail on Fedora with USER_NS turned off?
>
> It is executed only if a processes executed in another userns
I see. Then if there's no user namespaces in the kernel, the
gen_ns_id from patch #1 will fail thus failing the dump, won't it?
More information about the CRIU
mailing list