2 files changed, 23 insertions, 0 deletions

diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index f182b6bdf..b074efa3a 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -481,6 +481,19 @@ func (c *Container) checkpoint(ctx context.Context, options ContainerCheckpointO
 	if c.state.State != ContainerStateRunning {
 		return errors.Wrapf(ErrCtrStateInvalid, "%q is not running, cannot checkpoint", c.state.State)
 	}
+
+	// Create the CRIU log file and label it
+	dumpLog := filepath.Join(c.bundlePath(), "dump.log")
+
+	logFile, err := os.OpenFile(dumpLog, os.O_CREATE, 0600)
+	if err != nil {
+		return errors.Wrapf(err, "failed to create CRIU log file %q", dumpLog)
+	}
+	logFile.Close()
+	if err = label.SetFileLabel(dumpLog, c.MountLabel()); err != nil {
+		return errors.Wrapf(err, "failed to label CRIU log file %q", dumpLog)
+	}
+
 	if err := c.runtime.ociRuntime.checkpointContainer(c, options); err != nil {
 		return err
 	}
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 94dbf37dd..52f4523ba 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -526,6 +526,16 @@ func makeRuntime(runtime *Runtime) (err error) {
 	if runtime.config.OCIRuntime != "" && runtime.config.OCIRuntime[0] == '/' {
 		foundRuntime = true
 		runtime.ociRuntimePath = OCIRuntimePath{Name: filepath.Base(runtime.config.OCIRuntime), Paths: []string{runtime.config.OCIRuntime}}
+		stat, err := os.Stat(runtime.config.OCIRuntime)
+		if err != nil {
+			if os.IsNotExist(err) {
+				return errors.Wrapf(err, "the specified OCI runtime %s does not exist", runtime.config.OCIRuntime)
+			}
+			return errors.Wrapf(err, "cannot stat the OCI runtime path %s", runtime.config.OCIRuntime)
+		}
+		if !stat.Mode().IsRegular() {
+			return fmt.Errorf("the specified OCI runtime %s is not a valid file", runtime.config.OCIRuntime)
+		}
 	} else {
 		// If not, look it up in the configuration.
 		paths := runtime.config.OCIRuntimes[runtime.config.OCIRuntime]