355
edits
Changes
m
no edit summary
Line 1:
Line 1:
+
+
=== Forensic analysis of container checkpoints ===
+
+'''Summary:''' Extending go-crit with capabilities for forensic analysis
+
+'''Merged:''' https://github.com/checkpoint-restore/checkpointctl
+
+The go-crit tool was created during GSoC 2022 to enable analysis of CRIU [[images]] with tools written in Go. It allows container management tools such as [https://github.com/checkpoint-restore/checkpointctl checkpointctl] and Podman to provide capabilities similar to CRIT. The goal of this project is to extend go-crit with functionality for forensic analysis of container checkpoints to provide a better user experience.
+
+The go-crit tool is still in its early stages of development. To effectively utilise this new feature, the checkpointctl tool would be extended to display information about the processes included in a container checkpoint and their runtime state (e.g., memory, open files, sockets, etc).
+
+'''Links:'''
+* https://criu.org/CRIT_(Go_library)
+* https://github.com/checkpoint-restore/go-criu/tree/master/crit
+* https://kubernetes.io/blog/2022/12/05/forensic-container-checkpointing-alpha/
+
+
=== Restrict checks for open/mmaped files ===
=== Restrict checks for open/mmaped files ===