[CRIU] RPC support for --shell-job missing on restore
Pavel Emelyanov
xemul at parallels.com
Wed May 14 06:03:12 PDT 2014
On 05/14/2014 01:48 PM, Andrew Vagin wrote:
> On Wed, May 14, 2014 at 12:12:00AM -0700, Allan Cecil wrote:
>> Greetings,
>>
>> This script always responds with a failure such as Error (tty.c:1218): tty: Standard stream is not a terminal, aborting.
> This seems to imply that the --shell-job option is not being respected on an RPC restore, but this is just a guess on
> my part. So far, I have been unable to find a way for an unprivileged user can restore an application into screen. I
> have also found no way for an unprivileged user to restore a screen session itself, as it always fails due to UID
> security violations. I have been unable to get any success by modifying the suid bit either, as that also complains
> about security violations.
>
> A session can be only inherited, so shell-job doesn't have sense for RPC.
Yes. More exactly -- if we make RPC respect --shell-job at restore time the
session and stdios will be inherited from criu-service daemon, not from the
SCREEN process.
Do I understand it correctly, that you want to restore your process back as
a child and session member of the SCREEN?
> You can set SUID bit for the criu binary and execute it directly.
>
> A bit more info you can find here:
> http://lists.openvz.org/pipermail/criu/2014-March/013257.html
I agree. If it's possible to just run criu restore from screen, then it will
do the trick, but in that case you will get this process hierarchy:
SCREEN
`- criu restore
`- your-restored-app
Thanks,
Pavel
More information about the CRIU
mailing list