[CRIU] Dealing with other mount types

Pavel Emelyanov xemul at parallels.com
Thu Mar 26 08:25:44 PDT 2015


On 03/26/2015 06:13 PM, Andrew Vagin wrote:
> On Thu, Mar 26, 2015 at 09:03:35AM -0600, Tycho Andersen wrote:
>> On Thu, Mar 26, 2015 at 05:59:30PM +0300, Pavel Emelyanov wrote:
>>>
>>>>>> I have written a test which reproduces this configuration and CRIU
>>>>>> doesn't report any error. The test fails as expected, becuase CRIU
>>>>>> doesn't support read-only bind-mounts.
>>>>>
>>>>> I've sent my test in the ML:
>>>>> [PATCH] test: check read-only bind-mounts
>>>>
>>>> Yes, I've just checked the patch and I see the same behavior. I think
>>>> I was confused about what was going on before.
>>>>
>>>> One thing is, with some patches to lxc I can actually c/r containers
>>>> in this configuration, but your test seems to indicate that things
>>>> will fail if something in the restored container tries to access files
>>>> here. Is this something we should explicitly disallow?
>>>
>>> Wait a second, guys :) I thought that Tycho meant that CRIU failed to dump such
>>> mount points knot. Now it looks like CRIU can C/R it, but the restored result is
>>> not correct.
>>
>> Yes, I was getting confused with another problem we have w.r.t. mount
>> points in unprivileged containers (but unprivileged containers have
>> lots of other problems too :). Andrew is right that what I was
>> describing is not the problem. There is another problem though,

Ah, so we have two (at least) problems :) That's great!

>>> So what the problem is?
>>
>> I think it's that files in the restored container's r/o bind mounts
>> can't actually be accessed, but Andrew can probably elaborate.
> 
> We need to add support for read-only bind-mounts.

Identifying the problem is at least 50% of solving one.

-- Pavel



More information about the CRIU mailing list