Difference between revisions of "User-mode"

From CRIU
Jump to navigation Jump to search
 
(One intermediate revision by one other user not shown)
Line 1: Line 1:
 +
https://github.com/adrianreber/criu/tree/non-root
 +
 
== Known issues ==
 
== Known issues ==
 
* PR_SET_MM_MAP is required (the kernel version >= 3.18)
 
* PR_SET_MM_MAP is required (the kernel version >= 3.18)
Line 7: Line 9:
 
* criu restore works in a new userns only if setgroups is set to "allow"
 
* criu restore works in a new userns only if setgroups is set to "allow"
 
  pie: 235: Error (criu/pie/restorer.c:172): Can't setup supplementary groups
 
  pie: 235: Error (criu/pie/restorer.c:172): Can't setup supplementary groups
 +
* PTRACE_O_SUSPEND_SECCOMP and PTRACE_SECCOMP_GET_FILTER require the root CAP_SYS_ADMIN (ptrace_setoptions)
  
 
{{FIXME|describe checkpoint/restore as an unprivileged (non-root) user.}}
 
{{FIXME|describe checkpoint/restore as an unprivileged (non-root) user.}}

Latest revision as of 20:28, 12 October 2022

https://github.com/adrianreber/criu/tree/non-root

Known issues[edit]

  • PR_SET_MM_MAP is required (the kernel version >= 3.18)
  • shared memory can't be dumped from a non-root user
Error: Can't open 24/map_files/7f72d1687000-7f72d1688000 on procfs: Operation not permitted
  • criu restore doesn't work
Error: Write 29 to sys/kernel/ns_last_pid: Operation not permitted
  • criu restore works in a new userns only if setgroups is set to "allow"
pie: 235: Error (criu/pie/restorer.c:172): Can't setup supplementary groups
  • PTRACE_O_SUSPEND_SECCOMP and PTRACE_SECCOMP_GET_FILTER require the root CAP_SYS_ADMIN (ptrace_setoptions)
Tools-spanner-hammer.svg FIXME: describe checkpoint/restore as an unprivileged (non-root) user.