The --tcp-close option was introduced with commit
2c37042821906f013634e305899cb25ff1a5a7b1
tcp: Add tcp-close option to restore connected TCP sockets in closed state
This options is applicable only for restore. Therefore, move the
documentation from 'dump' to 'restore'.
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
The --log-pid option was introduced with commit
fc7bedc50ab4ca08b1c96764a5bd1acbc1889fa6
crtools: make to be able to split messages by pid
This option is applicable only for restore. Therefore, move the
documentation from "Common options" to "restore".
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Add hostname resolution in setup_tcp_client(). This change allows a
valid hostname to be provided as value for --address option when
connecting to page server.
This change is needed for the following path which removes
setup_TCP_client_socket() from img-proxy.c. In this function the
hostname resolution was implemented using gethostbyname()
However, here we use `getaddrinfo` instead because gethostbyname() is
marked obsolescent in POSIX.1-2001 and is removed in POSIX.1-2008
specifications.
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
For a long time we've been demanding from cpus to be compatible
on fpu frame level, but growing list of cpu features triggers
inability for restored programs to proceed after restore due
to specific intructions execution (such as avx2). Note the
fpu frame may carry same size but not on instruction level
where SIGILL may happen after the restore.
Thus lets require instruction mode to be set and verified by default.
Still one can drop this option via command line or rpc request.
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Reviewed-by: Dmitry Safonov <0x7f454c46@gmail.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Only long options are supported in configuration files. "-v" is the only
short option which doesn't have a corresponding long option, therefore
users wouldn't be able to setup verbosity in configuration files without
this patch.
Signed-off-by: Veronika Kabatova <vkabatov@redhat.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
New restore option 'tcp-close' was introduced. It restores all connected
TCP sockets in TCP_CLOSE state. Here we consider tcp sockets in
TCP_ESTABLISHED, TCP_FIN_WAIT2, TCP_FIN_WAIT1, TCP_CLOSE_WAIT,
TCP_LAST_ACK, TCP_CLOSING, TCP_SYN_SENT states as connected sockets.
This is consistent with current CRIU usage of these states. Thus this
option doesn't affect sockets with original states of TCP_LISTEN and
TCP_CLOSE.
Signed-off-by: Pavel Begunkov <asml.silence@gmail.com>
Signed-off-by: Eugene Batalov <eabatalov89@gmail.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Introducing negative options for true / false values. The original
getopt_long parser is kept since it is able to set flag-like values
(instead of setting these values in the switch when it's not needed).
The type of the options needed to be changed to integers for getopt_long
to accept flag-like value settings (as per getopt_long documentation,
the address of integer variable has to be passed).
Corresponding negative options are not added for deprecated options.
This patch is a preparation for the addition of configuration files
(GitHub issue #278). General idea of this feature is to have global
configuration files in /etc/criu.d/ directory and user-specific
configuration files in $HOME/.criu.d/ directory, with the possibility
of specifying a chosen file to be used (default files will be used if
none is specified, or none in case the default ones are not present,
to not break compatibility). The options in configuration files should
be possible to be overriden by the options specified on command line,
hence the negative options addition.
The whole feature of configuration files will remove the need of
specifying all the options on command line, with the possibility of
reusing a file for different use case with only overriding some of the
values specified there.
In case both types of option (negative and positive) are passed, the
later one will be applied -- this works with the philosophy of
overriding the "earlier" options from configuration files.
Changes since v1:
- Describe the --no- option prefix in the beginning of OPTIONS section in
both man page and --help instead of mentioning it at every eligible line
(this also fixes line length issue with --help)
- Fix the accidental removal of check_only case caused by bad rebase
- Use a macro for getopt_long struct option generating instead of additional
defines and hardcoded lines
Signed-off-by: Veronika Kabatova <vkabatov@redhat.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
For most of the CLI tools I see, adding -v option increases their verbosity.
Currently, this is not the case for criu. Default verbosity is set it 2,
and using -v actually decreases the verbosity level to 1, so to increase
verbosity you need to use -vvv (or -v3). To me, this behavior is
quite counterintuitive.
This patch changes the way -v works (but retains -vNUM as it was). Now,
using -v increases verbosity by +1 from the default value (and e.g. -vvv
increases it by +3).
Surely, this changes user experience: for example someone who
was using -v (rather than -v1 or -v0) to silent warnings, will
now have verbosity increased. IMHO this is for the better.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This patch adds the --siganl-fd FD option to specify a file descriptor.
CRIU will write '\0' to this descriptor and close it after passing
a preparation stage.
It is alternative way to demonizing a criu process after a preparation
stage. It's imposiable to get exit code, if a process has daemonized.
The introduced way allows to wait a preparation stage and to get an exit
code. It can be easy used from shell and other script languages.
v3: fix a help message
v4: Here is a sequence of actions how it can be used:
* open a pipe
* run a service with the pipe[1] as status_fd
* read(pipe[0]) to wait a moment when the service will be ready to
accept connections
* do a work which requires the service
* wait the service process to gets its exit status to be sure that
everything okey
travis-ci: success for crtools: close a signal descriptor after passing a preparation stage (rev6)
Cc: Mike Rapoport <mike.rapoport@gmail.com>
Cc: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Based on debian's manpage from Salvatore Bonaccorso:
e708a3a Sync manpage for crit to include short explanation for new subcommands
7dd571a Fix position for optional arguments in crit's manpage
017f8d9 Add minimal manpage for the crit
travis-ci: success for crit: added crit manpage
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This is an addition to commit 6273a5c ("Add ability to restore with
missing sysctls on the target node").
travis-ci: success for Document --weak-syscalls
Cc: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This adds the description of --external option for all the supported
cases, both for dump and restore.
References: https://criu.org/CLI/opt/--external
travis-ci: success for Add/fix description of --external and --inherit-fd
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This patch describes the correct syntax of --inherit-fd.
travis-ci: success for Add/fix description of --external and --inherit-fd
CC: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Remove the following options (obsoleted by --external):
--ext-unix-sk
--veth-pair
--ext-mount-map
--enable-external-masters
--enable-exteral-sharing
travis-ci: success for Add/fix description of --external and --inherit-fd
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Option --leave-stopped can now be used during restore,
but this was not reflected in the man page.
[v2: fix wording]
https://github.com/xemul/criu/issues/215
travis-ci: success for criu.8: document restore --leave-stopped (rev2)
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
The "$(SRC): $(FOOTER)" dependency listed is incorrect, as criu.txt file
is not dependent on footer.txt. Having said that, criu.8 in fact do
depend on footer.txt but that was not reflected in Makefile. Fix it.
While at it, add the custom.xsl dependency, which was also missing.
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
I just discovered that if I run make right from Documentation/ subdir,
CRIU_VERSION is not defined so the generated man page is lacking it.
Let's fix by conditionally including ../Makefile.versions.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
1. As __nmk_dir already ends with a slash, there's no need
for an extra one.
2. No need to include macro.mk into criu/Makefile -- nothing it defines
is used from there.
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This adds a way to re-enable justification and hyphenation for
the man page (which in enabled by default in troff but then
Docbook explicitly disables it). The man page looks better this way.
The reason why hyphenation for man pages is disabled by Docbook is
"The problem is that groff is not particularly smart about how it
does hyphenation; it can end up hyphenating a lot of things that you
don't want hyphenated".
The reason why justification for man pages is disabled by Docbook is
"justified text looks good only when it is also hyphenated.
Without hyphenation, excessive amounts of space often end up
getting between words, in order to "pad" lines out to align
on the right margin".
I carefully checked the resuling man page using both terminal output
on 80 columns and the PS/PDF generated. In both cases hyphenation
looks normal, i.e. I don't see any unwanted cases of extra hyphenation.
Same for justification.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This is an attempt to cleanup the man page. I am very sorry this comes
in this one big patch. Here are the changes:
1. Use *BOLD* for literals, 'ITALIC' for arguments (variable
substituions)
2. Do not use <> for arguments, as they are already marked so (italic)
3. Remove details about "criu exec" and remote syscalls execution;
add note that it's obsoleted by Compel.
4. Some descriptions are shrunk, some made longer, many are rephrased.
5. Formatting: use second-level lists (*value*:::) where appropriate
(mostly instead of bulleted lists of values).
6. Properly show comma-separated lists of arguments (with second pair
of [] and ...
7. Proper use of terms 'option' and 'argument' (*--option* 'argument').
8. Other fixes to formatting and English (such as missing a/the articles).
...
98. Change author to be "the CRIU team".
99. Update copyright years, copyright holder is Parallels Holdings.
[v2: rebase]
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
I was not able to find a way to make a target in sub-makefile
(such as "cd Documentation && make pdf") without this hack.
If there's a better way, please let me know
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
For the previously added option to skip in-flight connections this adds
that option to the RPC interface. The skip in-flight connections is also
described in criu.txt.
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
While most are handled from the scratch there is a significant
problem with python setup. So I added some preliminaty solution,
probably someohe with good knowledge of how setup.py works
improve it later.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Reviewed-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
The "criu check" command to check if the kernel is properly configured
to run criu is broken.
The "criu check --ms" command used to be the way to tell criu to check
only for features that have been merged upstream. But recent kernels
have a set of features whose presence doesn't necessarily mean that
dump or restore will fail but rather *may* fail depending on whether
the process tree uses those features.
This patch deprecates --ms and introduces --extra, --experimental,
and --all. See "criu --help" or "man criu" for more info.
Typical use cases are:
$ sudo criu check
<zero or more warnings and errors...>
Looks good.
$ echo $?
0
$ sudo criu check --extra
<zero or more warnings and errors...>
Looks good.
$ echo $?
1
$ sudo criu check --extra
<one or more warnings...>
Looks good but some kernel features are missing
which, depending on your process tree, may cause
dump or restore failure.
$ echo $?
1
$ sudo criu check --feature list
mnt_id aio_remap timerfd tun userns fdinfo_lock seccomp_suspend \
seccomp_filters loginuid cgroupns
$ sudo criu check --feature mnt_id
Warn (cr-check.c:283): fdinfo doesn't contain the mnt_id field
$ echo $?
1
$ sudo criu check --feature tun
tun is supported
$ echo $?
0
Signed-off-by: Saied Kazemi <saied@google.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
We can generate footer dynamically and
provide criu.8 version the same as
the program has.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This reverts commit a98014f306be4b4fefdf01af31e1efa5d83e5e4f.
As per Saied Kazemi, actually dump works without seccomp support
from the kernel on non-seccomped tasks. The only problem was with
criu check, but this would be addressed separately.
Reverting the commit not to burden the API with (yet) unneeded stuff.
Conflicts:
lib/c/criu.h
Sometimes we may want to use CRIU on older kernels which don't support
dumping seccomp state where we don't actually care about the seccomp state.
Of course this is unsafe, but it does allow for c/r of things using
seccomp on these older kernels in some cases. When the task is in
SECCOMP_MODE_STRICT or SECCOMP_MODE_FILTER with filters that block the
syscalls criu's parasite code needs, the dump will still fail.
Note that we disable seccomp by simply feigning that we are in mode 0. This
is a little hacky, but avoids distributing ifs throughout the code and
keeps them in this one place.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Saied Kazemi <saied@google.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This patch change the build chain to not use pie objects in the crtools
executable.
This done by building the shared source files twice:
1. for parasite/restorer as '<file>-pie-build.o'
2. for crtools as '<file>.o'
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
