[CRIU] [PATCH] add join-ns opt to criu restore

[Dengguangxing]

Hi, Pavel and Andrew,

Thanks for your reviewing, I would never realize these problems by myself.
I am not really familiar with namespace, so I don't know exactly what result
this implementatin would lead to (I did some simple tests only).
Really appreciate your opinions.

Here are my solutions to your suggestions, please check if they make sense.

> There are three things to sort out:
>
> 1. What if root task lives in netns, but we ask for --join-ns net?
In such case, setns() will switch to the new ns.

> 2. What if we pass --unshare net and --join-ns net?
> 3. What if we pass --empty-ns net and --join-ns net?
>
maybe should add flag_check rules(if we don't have one), --unshare, --empty-ns and
--join-ns should conflict.

>
> Please, also fix the images/rpc.proto and criu/cr-service.c to support this option
> in RPC API.
Sorry for missing this, will append that

>
> A namespace may be mounted into a file:
> [root at fc22-vm ~]# ip netns add test
> [root at fc22-vm ~]# cat /proc/self/mountinfo | grep test
> 82 80 0:3 net:[4026532214] /run/netns/test rw shared:32 - nsfs nsfs rw
The opt can be in "NS:PID | PATH" format. finnally It will be parsed into filepath,
like /proc/12345/ns/net and /run/netns/test

>
> If a root task is restore in a new userns, you will not ablt to join
> external namespaces here. setns() will return EPERM.
leave user-ns setting to the last one to perform

>
> You need to set proper uid and gid to joing an user namespace
users can set uid and gid while joining user-ns. if not specified, use default one (0?)


>
> You need to open namespace files before calling setns for them,
> because namespace files can become unaccessiable after switching into
> another mount namespace.
Awesome! I will amend this as you said

Ps I will complement and regulate the comment.

Best Regards!
Deng