[CRIU] [PATCH 0/11] Non-privileged dump

Andrew Vagin avagin at virtuozzo.com
Tue Dec 22 06:48:48 PST 2015


On Tue, Dec 15, 2015 at 10:23:29PM +0300, Pavel Emelyanov wrote:
> Hi,
> 
> This is the first part of patches that make criu somehow work for
> non-root user. "Somehow" means there are restrictions that come
> from kernel security model.
> 
> So, first, dump cannot work yet because of /proc/pid/map_files/ and
> several more proc files protections, but this all can be fixed,
> this set does this.
> 
> Restore is trickier part and is not fixed with this set. However,
> even dump-only for non-root might make sense. E.g. for advanced
> debugging when one dumps an app on production node with non-root
> rights, then gets images to devel node with root access and plays
> with them.
> 
> However, restore for non-root is also possible with more limitations
> and it will come later.
> 
> -- Pavel

Looks-good-to-me: Andrew Vagin <avagin at virtuozzo.com>

> _______________________________________________
> CRIU mailing list
> CRIU at openvz.org
> https://lists.openvz.org/mailman/listinfo/criu


More information about the CRIU mailing list