[CRIU] Checkpoint/restore as non-root user

[Pavel Emelyanov]

On 09/20/2014 07:21 AM, Filipe Brandenburger wrote:
> Hi,
> 
> Have you considered using CRIU to checkpoint/restore processes without
> requiring root privileges?

We did. And so far we have two options for that -- launching criu
as rpc service or giving the binary the suid bit.

When used like this some security restrictions apply, we collected
them at http://criu.org/Security

> Of course that means the dumped/restored state might not be complete,
> but I can see that it should be possible to preserve information about
> the memory state and file descriptors (while not possible to preserve
> PIDs, mounts, pending socket buffers, etc.)

There will be problems with injecting parasite code -- the /proc/pid/map_files/ 
links used to do this are CAP_SYS_<something> :(

> This might be interesting for scenarios such as these (from
> http://criu.org/Usage_scenarios):
> - "Save" ability in apps (games), that don't have such
> - Snapshots of apps
> 
> That could be interesting even if changes to the application would be
> necessary to support dump and restore. For example, if it was required
> to link to a criu library and have the software call checkpoint()
> periodically, and to handle restore from the application code as well.

Yup, we've seen this case. If in library callers doesn't set the pid to
dump the criu_dump() would dump the calling process :)

> So, have you considered this possibility? Would that be something you
> would be interested in having CRIU do? Or do you think that's not what
> CRIU is all about and that it would be better handled by a different
> project instead?

We certainly consider this possibility. If you find the described way of
doing this inappropriate, then we're fully open to discuss and improve it.

Thanks,
Pavel