"Daniel P. Berrange" <berrange@xxxxxxxxxx> writes:
> Thinking about it more generally, this isn't really a container specific
> problem, but rather an issue with the kill() syscall. It is the same
> general class of problem as you see checking file permissions for example,
> which is why you would use fstat() instead of stat() in many cases. It
> might call for a way to get a FD associated with a pid (eg the /proc/$pid
> dir handle) and then be able to kill() via that FD. eg something like
>
>
> dirfd = open("/proc/$pid", O_RDONLY);
>
> exefd = openat(dirfd, "exe", O_RDONLY);
> ...check it is the exe you think it is...
>
> cgroupfd = openat(dirfd, "cgroups", O_RDONLY);
> ...check the process is where you expect it to be...
>
> fkill(dirfd, SIG_KILL)
>
> that's probably a whole can of worms though, so I think i'll just
> restrict myself to killing processes based on the container's view
> of the PID for now.
Yes that is the general solution. It is very reasonable to have a proc
file that you can write to that will send a signal to it's process.
I keep thinking it will be worth implementing one of these days.
Eric
_______________________________________________
Containers mailing list
Containers@xxxxxxxxxxxxxxxxxxxxxxxxxx
https://lists.linuxfoundation.org/mailman/listinfo/containers
