[CRIU] Changing process environ, euid

Ruslan Kuprieiev kupruser at gmail.com
Thu Jan 8 09:07:05 PST 2015


Hi Rektide,

On 01/08/2015 05:54 AM, rektide at voodoowarez.com wrote:
> Hello,
>
> What means does CRIU use to set up a process environ? I'm hoping there is some wisdom this particular
> instrumentation group can lend, and I'm hoping there's some really bad nasty awful means to manipulate environ
> of a running process. I'm also curious about how euid is set up, and whether there's any available ways to
> instrument a process euid in linux?
>
> There are dozens of questions about this on Stackoverflow and on the net. These are two of the most maximally
> helpful pieces of guidance I've seen;
> http://unix.stackexchange.com/questions/38205/change-environment-of-a-running-process
> http://superuser.com/questions/56884/change-euid-of-running-process
>
> Forgive me for the ask for an education lesson, but I'd like to wade further into asking for being set straight-
> Are char*'s returned by getenv() or environ() something one could modify directly, if inadvisably? If so, could
> one cross-memory-attach that memory space? Will there be any buffer in the user memory space before or after the
> environs segment?
>
> What is up with euid? How and where is that retained and how does criu deal with that? I was shocked that I was
> unable to come up with any userspace way to see a process's euid. I was kind of expecting a /proc/n/euid or some
> such. One unanswered ask:
> http://stackoverflow.com/questions/26515924/find-effective-id-euid-for-process-with-pid-some-number
>
> ---
>

As Christopher has noticed, you could achieve all that by dumping a
task, changing what you need to change in the imgs and restoring it back:
1) criu dump task
2) Convert criu_image.img (the image that contains what you need to change;
cd criu/protobuf + grep euid ./*.proto should give you some hints):
crit convert -i criu_image.img -o criu_image.json
3) open criu_image.json and change anything you want to change
4) crit convert -i criu_image.json -o criu_image.img
5) criu restore task

(Note that crit is not currently in the official repo, but you could
find most recent patches in the mailing list and apply it yourself)

But it will require killing an old task and restoring a new one with
modified data, as we currently can't just modify
a running process, but it is in our Todo list (see [1]).
The way we want to implement that is by using the parasite (see [2])
mechanism, which we currently use to obtain some data from a process.

Or maybe you could try to use [2] directly to just change an environ
and euid, just the way people on stackoverflow suggested to use gdb to
do that.

Thanks,
Ruslan

[1] http://criu.org/Applying_images
[2] https://github.com/jtRIPper/parasite
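
On the question quoted above about seeing a process's euid from userspace: Linux exposes the real, effective, saved and filesystem IDs on the Uid:/Gid: lines of /proc/<pid>/status, and the environment block in /proc/<pid>/environ. The read-only sketch below is an added example, not part of the original thread or of CRIU; the function names and the sample data are constructed for illustration.

```python
import os

# Order of the four IDs on the "Uid:"/"Gid:" lines of /proc/<pid>/status (see proc(5)).
ID_KINDS = ("real", "effective", "saved", "fs")

def parse_status_ids(status_text):
    """Return {'Uid': {...}, 'Gid': {...}} parsed from /proc/<pid>/status text."""
    ids = {}
    for line in status_text.splitlines():
        key, _, value = line.partition(":")
        if key in ("Uid", "Gid"):
            fields = value.split()
            if len(fields) != len(ID_KINDS):
                raise ValueError(f"unexpected {key} line: {line!r}")
            ids[key] = dict(zip(ID_KINDS, map(int, fields)))
    if "Uid" not in ids or "Gid" not in ids:
        raise ValueError("status text has no Uid/Gid lines")
    return ids

def parse_environ(raw):
    """Split the NUL-separated /proc/<pid>/environ block into a dict."""
    env = {}
    for entry in raw.split(b"\0"):
        if not entry:
            continue
        name, sep, value = entry.partition(b"=")
        if sep:  # skip entries that carry no '='
            env[os.fsdecode(name)] = os.fsdecode(value)
    return env

def inspect_process(pid):
    """Read-only snapshot of a live process's credentials and environ block."""
    with open(f"/proc/{pid}/status") as f:
        ids = parse_status_ids(f.read())
    # Reading environ requires ptrace-level read access to the target process.
    with open(f"/proc/{pid}/environ", "rb") as f:
        env = parse_environ(f.read())
    return ids, env

# Constructed samples, so the parsers can be exercised without /proc.
SAMPLE_STATUS = "Name:\tdemo\nPid:\t4242\nUid:\t1000\t0\t0\t0\nGid:\t1000\t1000\t1000\t1000\n"
SAMPLE_ENVIRON = b"PATH=/usr/bin:/bin\0LANG=C\0EMPTY=\0"

if __name__ == "__main__":
    ids, env = inspect_process(os.getpid())
    print("ruid:", ids["Uid"]["real"], "euid:", ids["Uid"]["effective"])
    print("PATH:", env.get("PATH"))
```

Per proc(5), /proc/<pid>/environ holds the environment the program was started with; changes made later through putenv() or setenv() are not reflected there. A real/effective UID mismatch, as in the constructed sample, is what a set-user-ID program looks like in this view.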

