[CRIU] Checkpoint/restore as non-root user

Pavel Emelyanov xemul at parallels.com
Mon Sep 22 01:02:45 PDT 2014


On 09/20/2014 07:21 AM, Filipe Brandenburger wrote:
> Hi,
> 
> Have you considered using CRIU to checkpoint/restore processes without
> requiring root privileges?

We did. And so far we have two options for that -- launching criu
as rpc service or giving the binary the suid bit.

When used like this some security restrictions apply, we collected
them at http://criu.org/Security

> Of course that means the dumped/restored state might not be complete,
> but I can see that it should be possible to preserve information about
> the memory state and file descriptors (while not possible to preserve
> PIDs, mounts, pending socket buffers, etc.)

There will be problems with injecting parasite code -- the /proc/pid/map_files/ 
links used to do this are CAP_SYS_<something> :(

> This might be interesting for scenarios such as these (from
> http://criu.org/Usage_scenarios):
> - "Save" ability in apps (games), that don't have such
> - Snapshots of apps
> 
> That could be interesting even if changes to the application would be
> necessary to support dump and restore. For example, if it was required
> to link to a criu library and have the software call checkpoint()
> periodically, and to handle restore from the application code as well.

Yup, we've seen this case. If in library callers doesn't set the pid to
dump the criu_dump() would dump the calling process :)

> So, have you considered this possibility? Would that be something you
> would be interested in having CRIU do? Or do you think that's not what
> CRIU is all about and that it would be better handled by a different
> project instead?

We certainly consider this possibility. If you find the described way of
doing this inappropriate, then we're fully open to discuss and improve it.

Thanks,
Pavel



More information about the CRIU mailing list