[CRIU] [PATCH 0/11] Non-privileged dump
Andrew Vagin
avagin at virtuozzo.com
Tue Dec 22 06:48:48 PST 2015
On Tue, Dec 15, 2015 at 10:23:29PM +0300, Pavel Emelyanov wrote:
> Hi,
>
> This is the first part of patches that make criu somehow work for
> non-root user. "Somehow" means there are restrictions that come
> from kernel security model.
>
> So, first, dump cannot work yet because of /proc/pid/map_files/ and
> several more proc files protections, but this all can be fixed,
> this set does this.
>
> Restore is trickier part and is not fixed with this set. However,
> even dump-only for non-root might make sense. E.g. for advanced
> debugging when one dumps an app on production node with non-root
> rights, then gets images to devel node with root access and plays
> with them.
>
> However, restore for non-root is also possible with more limitations
> and it will come later.
>
> -- Pavel
Looks-good-to-me: Andrew Vagin <avagin at virtuozzo.com>
> _______________________________________________
> CRIU mailing list
> CRIU at openvz.org
> https://lists.openvz.org/mailman/listinfo/criu
More information about the CRIU
mailing list