Re: [libvirt] [PATCH RFC 4/5] lxc: adjusted libvirt-lxc process to add restore mode to it.
On Thu, Jul 21, 2016 at 03:37:26PM +0000, Katerina Koukiou wrote:
When doing lxc migration or simply restoring the container from a
saved state, we need restore the container from CRIU img files that
we have stored in disk. In this patch, we should extend
lxcContainerStart into a more generic one, that either starts a container
from scratch or restores it from a snapshot.
Signed-off-by: Katerina Koukiou <k.koukiou(a)gmail.com>
---
src/Makefile.am | 3 +-
src/lxc/lxc_container.c | 200 +++++++++++++++++++++++++++++++++++++++++++++--
src/lxc/lxc_container.h | 3 +-
src/lxc/lxc_controller.c | 109 ++++++++++++++++++++++++--
src/lxc/lxc_driver.c | 4 +-
src/lxc/lxc_process.c | 23 +++++-
src/lxc/lxc_process.h | 1 +
7 files changed, 323 insertions(+), 20 deletions(-)
+ /* CRIU needs the container's root bind mounted so that it
is the root of
+ * some mount.
+ */
+ if (virAsprintf(&rootfs_mount, "/tmp/%s", vmDef->name) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("Failed to write rootfs dir mount path"));
+ goto cleanup;
+ }
Again, use of /tmp is a likely security flaw
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|