[CRIU] [PATCH 5/5] userns: restore gid and uid maps
Pavel Emelyanov
xemul at parallels.com
Tue Feb 11 10:31:52 PST 2014
On 02/11/2014 05:09 PM, Andrew Vagin wrote:
> On Tue, Feb 11, 2014 at 09:29:05AM +0400, Pavel Emelyanov wrote:
>> On 02/11/2014 09:21 AM, Andrew Vagin wrote:
>>> On Tue, Feb 11, 2014 at 08:50:35AM +0400, Pavel Emelyanov wrote:
>>>> On 02/11/2014 12:58 AM, Andrey Vagin wrote:
>>>>> Signed-off-by: Andrey Vagin <avagin at openvz.org>
>>>>> ---
>>>>> cr-restore.c | 9 +++++++++
>>>>> include/namespaces.h | 2 ++
>>>>> namespaces.c | 45 +++++++++++++++++++++++++++++++++++++++++++++
>>>>> 3 files changed, 56 insertions(+)
>>>>>
>>>>> diff --git a/cr-restore.c b/cr-restore.c
>>>>> index afc3656..7d02812 100644
>>>>> --- a/cr-restore.c
>>>>> +++ b/cr-restore.c
>>>>> @@ -1236,6 +1236,12 @@ static int restore_task_with_children(void *_arg)
>>>>> if (restore_finish_stage(CR_STATE_RESTORE_NS) < 0)
>>>>> exit(1);
>>>>>
>>>>> + /* UID and GID must be set after restoring /proc/PID/{uid,gid}_maps */
>>>>
>>>> Who did it _before_ this code?
>>>
>>> It is required for userns only, but it does nothing in other cases.
>>
>> So the answer is -- if get_clone_mask() generates it, then tasks will
>> live in user-ns from the very beginning, right?
>>
>> You told that lots of thing on restore didn't work in that case, e.g.
>> mounting file systems, or prctls. What has changed since then?
>
> Nothing. Look at the first mail. There is the "known issue" section.
>
> We need to fix kernel for restoring processes in userns.
Plz, start patching the kernel and sending the patches. And, I really
want CRIU not to stop working after patching it with this set on 3.11.
More information about the CRIU
mailing list