Add '-p' flag to get signalled when parent dies #114

Add a new flag '-p', which sets up the parent death signal to `SIGKILL`. This will cause the kernel to send us a `SIGKILL` as soon as the direct parent process dies. This is useful e.g. in combination with unshare(1) from util-linux when using PID namespaces. When unshare forks the child, which is about to become PID 1, killing the unshare parent will not cause the child to exit. When executing the command $ unshare --pid --fork tini -- <prog> then killing unshare will not cause tini to be killed. Since util-linux v2.32, unshare has an option "--kill-child=<SIGNAL>" that will set up the parent death signal for the forked process. This does not help though in case either SELinux or AppArmor are in use and credentials of the forked process change (e.g. by changing its UID), as these LSMs will clear the parent death signal again. The following example would trigger that situation: $ unshare --pid --fork setpriv --reuid user tini -s -- <prog> The parent death signal will get reset by the LSMs as soon as `setpriv` switchets its user ID to that of "user", and killing unshare will again not result in tini being killed. The new '-p' flag helps that exact scenario: $ unshare --pid --fork setpriv --reuid user tini -s -p SIGKILL -- <prog> As soon as unshare is getting killed, tini will get signalled SIGKILL and exit as well, tearing down <prog> with it.

See: #114 (comment)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Add '-p' flag to get signalled when parent dies #114

Add '-p' flag to get signalled when parent dies #114

Commits on Apr 19, 2018