[CRIU] Can't launch unshare with -U or -r as unprivileged user
Allan Cecil
ac at sonic.net
Tue Jun 3 22:46:02 PDT 2014
Greetings,
I am still working toward using CRIU for the nethack-tas-tools project
but I'm continuing to run into various problems when running CRIU as an
unprivileged user. With the fixes from earlier it is now possible for
me to use the Python RPC script I mentioned before to checkpoint a
screen session. Unfortunately, restoring it is hit and miss, and often
fails with various problems such as the PID not being the expected PID.
Cyril suggested compiling and using the latest unshare and passing in
something along the lines of this: unshare -uimpn -- bash -c "(bash)"
Unfortunately, this fails on unshare from util-linux 2.24.903-56ce
because virtually all of the flags require root privileges. The manpage
talks about using -U and -r instead to allow unshare to run without
resorting to sudo (which is not available to the unprivileged user
account in use). The issue is unshare -U or unshare -r always fails
with the following error message: unshare: unshare failed: Invalid
argument
My question is, do I need to compile unshare (util-linux from git) with
a particular flag to allow the -U option to work? Should I be doing
something else entirely, such as figuring out some way to carefully
craft a sudo exception to allow an unprivileged user to do this (and if
I go that direction, is there a way to do it and maintain a sense of
security in the system)? Better question - will the -U -r flags allow
an unprivileged user to execute at least the -p flag without being in
sudoers, or am I trying something impossible?
I have lots of questions but I'll keep investigating in the meantime.
Thanks in advance,
A.C.
******
More information about the CRIU
mailing list