[CRIU] Dealing with other mount types

Tycho Andersen tycho.andersen at canonical.com
Thu Mar 26 07:48:03 PDT 2015 

Hi Andrew,

On Thu, Mar 26, 2015 at 05:34:34PM +0300, Andrew Vagin wrote:
> On Wed, Mar 25, 2015 at 08:11:39PM +0300, Andrew Vagin wrote:
> > On Wed, Mar 25, 2015 at 08:09:38AM -0600, Tycho Andersen wrote:
> > > On Wed, Mar 25, 2015 at 04:05:57PM +0300, Pavel Emelyanov wrote:
> > > > On 03/24/2015 09:57 PM, Tycho Andersen wrote:
> > > I don't think so, because it's not external. In:
> > > 
> > > 79 44 0:38 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
> > > 80 81 0:38 /sys/net /proc/sys/net rw,nosuid,nodev,noexec,relatime - proc proc rw
> > > 81 79 0:38 /sys /proc/sys ro,nosuid,nodev,noexec,relatime - proc proc rw
> > > 
> > > Here /proc/sys/net is mounted in the /sys dir of it's root fs, which is /proc,
> > > which itself is mounted at /proc in /. None of those are external bind mounts,
> > > the paths given as the mount point are just relative to their parent mount
> > > instead of the rootfs. So I think (?) all we need to do is walk these paths
> > > correctly, and not ask anything else of the user.
> > 
> > I have written a test which reproduces this configuration and CRIU
> > doesn't report any error. The test fails as expected, becuase CRIU
> > doesn't support read-only bind-mounts.
> 
> I've sent my test in the ML:
> [PATCH] test: check read-only bind-mounts

Yes, I've just checked the patch and I see the same behavior. I think
I was confused about what was going on before.

One thing is, with some patches to lxc I can actually c/r containers
in this configuration, but your test seems to indicate that things
will fail if something in the restored container tries to access files
here. Is this something we should explicitly disallow?

Tycho

> > 
> > I recoment you to create reproducers (tests) for each problem, you have
> > found. And then we will think how to fix each of them separately.
> > 
> > Thanks.
> > 
> > > 
> > > Tycho
> > > 
> > > > > Is there something else here that I'm missing?
> > > > > 
> > > > > Tycho
> > > > 
> > > > -- Pavel
> > > > 
> > _______________________________________________
> > CRIU mailing list
> > CRIU at openvz.org
> > https://lists.openvz.org/mailman/listinfo/criu

More information about the CRIU mailing list