Changes

1,105 bytes added ,  21:56, 1 October 2023
m
no edit summary
Line 1: Line 1:  +
 +
=== Forensic analysis of container checkpoints ===
 +
 +
'''Summary:''' Extending go-crit with capabilities for forensic analysis
 +
 +
'''Merged:''' https://github.com/checkpoint-restore/checkpointctl
 +
 +
The go-crit tool was created during GSoC 2022 to enable analysis of CRIU [[images]] with tools written in Go. It allows container management tools such as [https://github.com/checkpoint-restore/checkpointctl checkpointctl] and Podman to provide capabilities similar to CRIT. The goal of this project is to extend go-crit with functionality for forensic analysis of container checkpoints to provide a better user experience.
 +
 +
The go-crit tool is still in its early stages of development. To effectively utilise this new feature, the checkpointctl tool would be extended to display information about the processes included in a container checkpoint and their runtime state (e.g., memory, open files, sockets, etc).
 +
 +
'''Links:'''
 +
* https://criu.org/CRIT_(Go_library)
 +
* https://github.com/checkpoint-restore/go-criu/tree/master/crit
 +
* https://kubernetes.io/blog/2022/12/05/forensic-container-checkpointing-alpha/
 +
 +
 
=== Restrict checks for open/mmaped files ===
 
=== Restrict checks for open/mmaped files ===
 
   
 
   
332

edits