[Devel] [PATCH] files-reg: Prepare for sysfs entries mode change
Cyrill Gorcunov
gorcunov at virtuozzo.com
Tue Jan 16 11:32:30 MSK 2018
On Tue, Jan 16, 2018 at 11:03:26AM +0300, gremlin at gremlin.ru wrote:
> On 2018-01-16 01:51:31 +0300, Cyrill Gorcunov wrote:
>
> > The kernel virtualize access to proc/sys/ entries in lightweight
> > way -- if entry is opened from inside of veX then it's not allowed
> > to be written.
>
> In general, the "ugo-w" permissions don't seem to be a good solution
> for that: returning EROFS or simply EACCES on open() for writing
> regardless of permissions would be much better.
Might be. Moreover we may rework this aspect of virtualization one
day, so then this patch will be dropped off from the criu.
> > Still we're dumping files in ve0 environment so the mode for such
> > files may no match on restore, because restore itself is running
> > inside veX.
>
> If the /proc/sys entries are not allowed to be written from inside of
> VE - then, possibly, they may be safely skipped on restore...
No. If files have been opened by container for any reason we must restore
them in opened state as well.
>
> > so i think we can simply skip such testing inside ve criu instance
> > since it's kernel specific. Simply print out a warning for refernce
> > and continue
>
> These warnings may be annoying and spoil other messages. Adding an
> option for them (or using common -v -vv -vvv or -q) would be wise.
It's already controlled by -v option. Currently we run criu with
debug level turned on by default because we need as much information
as possible in case of error. A customer may setup -v0 and zap everything
except error messages.
More information about the Devel
mailing list