[CRIU] Dealing with other mount types
Andrew Vagin
avagin at odin.com
Fri Apr 3 04:56:03 PDT 2015
Hi all,
I want to share with you an idea which is inspired by Oleg's patches
about --skip-mnt.
Currenly we can't restore correctly lockes mounts. The first reason is
that we don't know which mounts are locked.
When an unprviliaged user unshares a mount namespace, all mounts in a
new mount namespace are marked as locked. So a user who create a mount
namespace knows which mounts are locked and he is able to create this
configuration again.
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/fs/namespace.c?id=e36cb0b89ce20b4f8786a57e8a6bc8476f577650#n958
What if a user (lxc, docker, etc) will restore these mounts and give
them to CRIU. For example, the following command means that /, /proc/,
/proc/sys/, /proc/sys/net are already mounted and criu should not care
about them:
criu restore --skip-mnt / --skip /proc --skip /proc/sys --skip /proc/sys/net --other arguments
More information about the CRIU
mailing list