go-runc icon indicating copy to clipboard operation
go-runc copied to clipboard

Published 20 hours ago verified publisher icon containerd

Kill exec process with SIGTERM instead of SIGKILL

Open inoc603 opened this issue 7 years ago • 4 comments

In runc.Exec, here the exec command is created with exec.CommandContext, which will kill the runc command with os.Process.Kill when the context is done. And when runc is killed by SIGKILL, the exec process inside the container is not stopped. I think we should send SIGTERM manually to stop the runc command when we're doing exec.

I only tested this with docker-runc. Can anyone confirm whether it is the same with runc?

inoc603 avatar Jul 10 '17 08:07 inoc603

Why do you think this is not the correct functionality? When a context closes, that means the request or parent crashed/ended so we don't want to orphan the runc process.

crosbymichael avatar Jul 11 '17 21:07 crosbymichael

Yes the runc process should be killed when the context closes. My point is that it should be killed by SIGTERM rather than SIGKILL, so runc itself can clean up the exec process in the container. Current mechanism will orphan the exec process inside the container.

What I'm suggesting is listening for ctx.Done() manually, instead of letting the exec package handle it.

inoc603 avatar Jul 12 '17 00:07 inoc603

@inoc603 ok, the hard part is that Go is the one that sends the SIGKILL. We would have to rewrite all the logic for CommandContext to make this work like you said.

crosbymichael avatar Jul 12 '17 15:07 crosbymichael

Closed #28 for staleness, is this issue still relevant though?

dmcgowan avatar Jul 23 '21 23:07 dmcgowan