containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #17025 from giuseppe/terminate-processes-no-pid-namespace 

oci: terminate all container processes on cleanup
This commit is contained in:
OpenShift Merge Robot 2023-01-08 06:45:03 -05:00 committed by GitHub
parent c83a2f8a0a 9fe86ec7f6
commit 74a961a9b8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
libpod/container_api.go
View File

@ -786,6 +786,19 @@ func (c *Container) Cleanup(ctx context.Context) error {
// If we didn't restart, we perform a normal cleanup // If we didn't restart, we perform a normal cleanup
// make sure all the container processes are terminated if we are running without a pid namespace.
hasPidNs := false
for _, i := range c.config.Spec.Linux.Namespaces {
if i.Type == spec.PIDNamespace {
hasPidNs = true
break
}
}
if !hasPidNs {
// do not fail on errors
_ = c.ociRuntime.KillContainer(c, uint(unix.SIGKILL), true)
}
// Check for running exec sessions // Check for running exec sessions
sessions, err := c.getActiveExecSessions() sessions, err := c.getActiveExecSessions()
if err != nil { if err != nil {