Matt Heon

I believe this one will be fixed in 3.1.0

Add to that list `gettid` and `sched_getaffinity` at a minimum, probably `nanosleep` and `getpid`. If you're using any of the Golang concurrency primitives you probably hit a `sched_yield` or two...

I'm fairly certain Go uses it internally in the runtime for scheduling Goroutines, so while you can probably get away without it for trivial programs, I wouldn't recommend leaving it...

That won't work, as it will allow all containers to see all other containers via DNS - even those in networks they are not present in. We have abandoned dnsname...

I’m a lot more concerned with how you’re getting these stale sessions in the first place. Each exec session should be spawning a cleanup process on exit, which takes care...

You’re just killing the Podman process there - the actual exec session has double forked and is running independently. I suspect you’ll see that there is still a sleep running...

The Podman process does not do the cleanup - Conmon spawns a separate Podman on completion of the exec session (when the first PID in it exits) which handles cleanup....

I don't think Conmon spawns the cleanup process when it's hit by SIGTERM. This sounds like something we should fix. On Fri, May 14, 2021 at 9:09 AM Daniel J...

Hm. We may only be doing it for detached exec sessions. Finally have time to dig into this one, I'll go looking.

I was right - we are, in fact, only doing exit commands for detached exec. Fortunately, this should be an easy fix.