-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
runc can not wait process in the container exits when share pid namespace #4145
Comments
I think I figured out why cgroup residue. |
So how should we make sure that all processes in the container have exited? |
We have recently made some changes in that area (in particular, see #4102). Plus, you are using a somewhat old version of runc (1.1.3), the latest one is 1.1.10. I suggest you try a version compiled from HEAD (this is a future 1.2.0), and let us know if it fixes your problem. |
Another thing is, one can only wait(2) for its own child, thus, say, And, if the process can't be killed because it is stuck in |
Description
1.docker run with --pid=host
2.other processes in the container except the init process D live
3.docker rm -f $containerdID
Steps to reproduce the issue
Describe the results you received and expected
i received:
1.containerd-shim and init process reaped
2.container cgroup residue
What version of runc are you using?
[root@localhost ~]# runc --version
runc version 1.1.3
commit: 02a436f4f2efd8c5a2ec5c4ed3d196242d4edb77
spec: 1.0.2-dev
go: go1.17.3
libseccomp: 2.5.3
Host OS information
No response
Host kernel information
No response
The text was updated successfully, but these errors were encountered: