CRIU

Changes

User namespace (edit)

Revision as of 17:44, 29 July 2014

26 bytes added ,  17:44, 29 July 2014
no edit summary
Line 4: Line 4:  
* access to /proc/pid/map_files which we use for restore of shared memory (CAP_SYS_ADMIN)
 
* access to /proc/pid/map_files which we use for restore of shared memory (CAP_SYS_ADMIN)
 
* using of SO_RCVBUFFORCE and SO_SNDBUFFORCE socket option (CAP_NET_ADMIN)
 
* using of SO_RCVBUFFORCE and SO_SNDBUFFORCE socket option (CAP_NET_ADMIN)
* open_by_handle_at requires CAP_DAC_READ_SEARCH
+
* open_by_handle_at and linkat(AT_EMPTY_PATH) requires CAP_DAC_READ_SEARCH
    
The list will be updated with time. To resolve the problems we need to address every issue and modify the kernel. For first bullet there is a patch already floating around in kernel mailing list.
 
The list will be updated with time. To resolve the problems we need to address every issue and modify the kernel. For first bullet there is a patch already floating around in kernel mailing list.
    
[https://github.com/avagin/criu/tree/userns2 Here is a draft of userspace code]
 
[https://github.com/avagin/criu/tree/userns2 Here is a draft of userspace code]
Retrieved from "https://criu.org/Special:MobileDiff/1597"