From 2de82d523b8b6104b978817b47ad3c06f42cf00f Mon Sep 17 00:00:00 2001
From: Paul Holzinger
Date: Thu, 26 Sep 2024 15:39:20 +0200
Subject: [PATCH] libpod: ensure we are not killed during netns creation

When we are killed during netns setup it will leak the netns path as it was not commited in the db. This is rather common if you run systemctl stop on a podman systemd unit. Of course we cannot protect against SIGKILL but in systemd case we get SIGTERM and we really should not exit in a critical section like this.
Fixes #24044
Signed-off-by: Paul Holzinger
---
 libpod/container_internal_linux.go | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/libpod/container_internal_linux.go b/libpod/container_internal_linux.go
index aaeb75d3cc..38119a604c 100644
--- a/libpod/container_internal_linux.go
+++ b/libpod/container_internal_linux.go
@@ -19,6 +19,7 @@ import (
 "github.com/containers/common/pkg/cgroups"
 "github.com/containers/common/pkg/config"
 "github.com/containers/podman/v5/libpod/define"
+ "github.com/containers/podman/v5/libpod/shutdown"
 "github.com/containers/podman/v5/pkg/rootless"
 spec "github.com/opencontainers/runtime-spec/specs-go"
 "github.com/opencontainers/runtime-tools/generate"
@@ -67,6 +68,9 @@ func (c *Container) prepare() error {
 tmpStateLock sync.Mutex
 )
+ shutdown.Inhibit()
+ defer shutdown.Uninhibit()
+
 wg.Add(2)
 go func() {
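Review bot: The new `shutdown.Inhibit()` / `defer shutdown.Uninhibit()` pair in `prepare()` carries no comment saying which state it protects, and because the release is deferred, the inhibit lasts until `prepare()` returns rather than only for the netns creation named in the commit message. A short why-comment above the call would keep a later refactor from moving or narrowing it by accident, for example `// Block SIGTERM-triggered exit until the netns is committed to the db; exiting earlier leaks the netns path.` The body of `prepare()` continues past the hunk, so how long the inhibited window can last is not visible here. If the goroutines started after `wg.Add(2)` can block for a long time, a supervisor stop timeout that escalates to SIGKILL would still leave the uncommitted netns behind. It is worth confirming that leaked netns paths are also cleaned up on the next start, so the signal inhibit is not the only safeguard.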