[CRIU] RPC support for --shell-job missing on restore

Allan Cecil ac at sonic.net
Fri May 16 09:50:49 PDT 2014 

On 2014-05-16 07:55, Ruslan Kuprieiev wrote:
> On 16.05.2014 17:22, Ruslan Kuprieiev wrote:
>> On 16.05.2014 17:20, Andrew Vagin wrote:
>>> On Fri, May 16, 2014 at 05:16:02PM +0300, Ruslan Kuprieiev wrote:
>>>> On 16.05.2014 17:08, Andrew Vagin wrote:
>>>>> On Fri, May 16, 2014 at 04:49:16PM +0300, Ruslan Kuprieiev wrote:
>>>>>> On 16.05.2014 16:28, Andrew Vagin wrote:
>>>>>>> On Fri, May 16, 2014 at 08:33:41AM -0400, Christopher Covington 
>>>>>>> wrote:
~snip~
>>>>>> If i get it right, there are some typos in check_ids() from 
>>>>>> security.c:
>>>>>> static bool check_ids(unsigned int crid, unsigned int rid, 
>>>>>> unsigned int eid,
>>>>>> unsigned int sid)
>>>>>> {
>>>>>>      if (crid == 0)
>>>>>>          return true;
>>>>>>      if (crid == rid && crid == eid && crid == sid) // Here 
>>>>>> probably should
>>>>>> be "||"s instead of "&&"s
>>>>>>          return true;
>>>>>> 
>>>>>>      pr_err("UID/GID mismatch %u != (%u,%u,%u)\n", crid, rid, eid, 
>>>>>> sid);
>>>>>>      return false;
>>>>>> }
>>>>>> 
>>>>>> Does it look right to you? If so, will send patch.
>>>>> Yes, it does. Is it correct that if we can kill a task, we should 
>>>>> be
>>>>> able to dump it?
>>>> Looks correct to me.
>>>> 
>>>>> static int kill_ok_by_cred(struct task_struct *t)
>>>>> {
>>>>>          const struct cred *cred = current_cred();
>>>>>          const struct cred *tcred = __task_cred(t);
>>>>> 
>>>>>          if (uid_eq(cred->euid, tcred->suid) ||
>>>>>              uid_eq(cred->euid, tcred->uid)  ||
>>>>>              uid_eq(cred->uid,  tcred->suid) ||
>>>>>              uid_eq(cred->uid,  tcred->uid))
>>>>>                  return 1;
>>>>> 
>>>>>          if (ns_capable(tcred->user_ns, CAP_KILL))
>>>>>                  return 1;
>>>>> 
>>>>>          return 0;
>>>>> }
>>>>> 
>>>> Sorry if I didn't get smth right, but where and why do you want to 
>>>> put this
>>>> function(kill_ok_by_cred)?
>>> This function from the linux kernel is used to check permission to 
>>> kill
>>> a "t" task
>> 
>> Oh, I see.=) Thanks.
>> Will send patch ASAP.
>> 
> 
> Done.

Thank you to everyone for the fast response on this!  Will this be 
checked in to the main git repository?  If so I'll try this out tonight. 
  Thanks again,

A.C.
******

More information about the CRIU mailing list