[CRIU] [PATCH 5/5] userns: restore gid and uid maps
Pavel Emelyanov
xemul at parallels.com
Mon Feb 10 21:29:05 PST 2014
On 02/11/2014 09:21 AM, Andrew Vagin wrote:
> On Tue, Feb 11, 2014 at 08:50:35AM +0400, Pavel Emelyanov wrote:
>> On 02/11/2014 12:58 AM, Andrey Vagin wrote:
>>> Signed-off-by: Andrey Vagin <avagin at openvz.org>
>>> ---
>>> cr-restore.c | 9 +++++++++
>>> include/namespaces.h | 2 ++
>>> namespaces.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
>>> 3 files changed, 56 insertions(+)
>>>
>>> diff --git a/cr-restore.c b/cr-restore.c
>>> index afc3656..7d02812 100644
>>> --- a/cr-restore.c
>>> +++ b/cr-restore.c
>>> @@ -1236,6 +1236,12 @@ static int restore_task_with_children(void *_arg)
>>> if (restore_finish_stage(CR_STATE_RESTORE_NS) < 0)
>>> exit(1);
>>>
>>> + /* UID and GID must be set after restoring /proc/PID/{uid,gid}_maps */
>>
>> Who did it _before_ this code?
>
> It is required for userns only, but it does nothing in other cases.
So the answer is -- if get_clone_mask() generates it, then tasks will
live in user-ns from the very beginning, right?
You told that lots of thing on restore didn't work in that case, e.g.
mounting file systems, or prctls. What has changed since then?
More information about the CRIU
mailing list