[CRIU] [PATCH 0/6] Don't recomend using criu as a system service, v2
Ruslan Kuprieiev
rkuprieiev at cloudlinux.com
Mon Oct 12 02:34:09 PDT 2015
Due to discovered and reported vulnerabilities and ongoing work on
implementing non-root(including no suid bit) c/r, we really shouldn't
encourage people to use criu as a system service. So lets remove systemd,
logrotated files and fix libcriu and pycriu to use swrk.
Ruslan Kuprieiev (6):
As it is not recomended to run criu as a root system service, lets
remove service file to stop encouraging people to do it.
We don't need it without systemd configs.
As we've deleted them in previous two patches.
Not sure if it is okay, but this patch breaks backward compatibility,
as we now discourage people from using criu as a system service
by default. But it is better to be done rather sooner than
later, considering criu service is not widely used.
As our tests serve as an example for people on how to preferably
use criu, we need to also switch to swrk.
This class is essentially libcriu in python(yet for now it has
only some basic functions such as check/dump/restore). It is
needed to make life for python users even more easier, i.e.
hiding some nasty connection stuff. It is also using criu
swrk(COMM_BIN) communication method, instead of an old system
service, as we no longer recommend it.
Makefile | 4 -
lib/criu.c | 42 ++++--
lib/criu.h | 2 +-
pycriu/__init__.py | 1 +
pycriu/criu.py | 282 +++++++++++++++++++++++++++++++++++++++
scripts/logrotate.d/criu-service | 7 -
scripts/sd/criu.service | 8 --
scripts/sd/criu.socket | 8 --
test/libcriu/run.sh | 10 +-
test/libcriu/test_errno.c | 2 +-
test/libcriu/test_iters.c | 2 +-
test/libcriu/test_notify.c | 2 +-
test/libcriu/test_self.c | 2 +-
test/libcriu/test_sub.c | 2 +-
14 files changed, 326 insertions(+), 48 deletions(-)
create mode 100644 pycriu/criu.py
delete mode 100644 scripts/logrotate.d/criu-service
delete mode 100644 scripts/sd/criu.service
delete mode 100644 scripts/sd/criu.socket
--
2.4.3
More information about the CRIU
mailing list