-
Tycho Andersen authored
While this commit is logically part of the "implement cgns support" commit, it's worth noting this separately I think: since cgns requires each task to look at its own proc file, we can now no longer dump unprivileged tasks whose /proc doesn't belong to them. This is because unprivileged tasks can't mount /proc, so if their /proc doesn't belong to them and they need to read it (because they're in a cgns), the pie code can't do anything about it. For cgns, we could solve this problem by simply fork()ing and setns()ing to the tasks pid and cgroup namespaces, and then reading the /proc from that task instead. (And perhaps we should implement it that way so we can still dump tasks whose /proc doesn't belong to them, although I don't think that's a common case.) Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by:
Pavel Emelyanov <xemul@virtuozzo.com>
1b291d8b
| Name |
Last commit
|
Last update |
|---|---|---|
| Documentation | ||
| contrib | ||
| crit | ||
| criu | ||
| images | ||
| lib | ||
| scripts | ||
| test | ||
| .gitignore | ||
| .mailmap | ||
| .travis.yml | ||
| COPYING | ||
| CREDITS | ||
| Makefile | ||
| Makefile.install | ||
| Makefile.versions | ||
| README.md |