Run init system when starting the toolbox

Remove PID namespace sharing and run the init system as PID 1 instead of sleep when starting up the toolbox. implements debarshiray/toolbox#176 Shell executed within the toolbox are now running in a separate PID namespace. Waiting on issue containers/podman#3205
mildred · May 27, 2019 · 51635f8 · 51635f8
1 parent fb6c3cf
commit 51635f8
Showing 1 changed file with 5 additions and 2 deletions.
diff --git a/toolbox b/toolbox
@@ -763,7 +763,6 @@ create()
             --name $toolbox_container \
             --network host \
             $no_hosts \
-            --pid host \
             --privileged \
             --security-opt label=disable \
             --uidmap "$user_id_real":0:1 \
@@ -958,7 +957,11 @@ EOF
         fi
     fi
 
-    exec sleep +Inf
+    if [[ $$ -eq 1 ]]; then
+        exec /sbin/init
+    else
+        sleep +Inf
+    fi
 }