On Thu, Jul 21, 2016 at 03:37:26PM +0000, Katerina Koukiou wrote:
When doing lxc migration or simply restoring the container from a saved state, we need restore the container from CRIU img files that we have stored in disk. In this patch, we should extend lxcContainerStart into a more generic one, that either starts a container from scratch or restores it from a snapshot.
Signed-off-by: Katerina Koukiou <k.koukiou@gmail.com> --- src/Makefile.am | 3 +- src/lxc/lxc_container.c | 200 +++++++++++++++++++++++++++++++++++++++++++++-- src/lxc/lxc_container.h | 3 +- src/lxc/lxc_controller.c | 109 ++++++++++++++++++++++++-- src/lxc/lxc_driver.c | 4 +- src/lxc/lxc_process.c | 23 +++++- src/lxc/lxc_process.h | 1 + 7 files changed, 323 insertions(+), 20 deletions(-)
+ /* CRIU needs the container's root bind mounted so that it is the root of + * some mount. + */ + if (virAsprintf(&rootfs_mount, "/tmp/%s", vmDef->name) < 0) { + virReportError(VIR_ERR_INTERNAL_ERROR, "%s", + _("Failed to write rootfs dir mount path")); + goto cleanup; + }
Again, use of /tmp is a likely security flaw Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|