containers / podman

Podman: A tool for managing OCI containers and pods.
https://podman.io
Apache License 2.0

podman process remains in system and does not exit. #7057

Closed coldbloodx closed 4 years ago

coldbloodx commented 4 years ago

Is this a BUG REPORT or FEATURE REQUEST? (leave only one on its own line)

/kind bug

Description podman process remains in system and does not exit.

Steps to reproduce the issue:

run podman ps and after podman exit, check podman process.

```
[xianwu@rcn07 ~]$ ps -ewf |grep podman
xianwu 171569 1 0 02:09 ? 00:00:00 podman
xianwu 171788 171482 0 02:11 pts/0 00:00:00 grep --color=auto podman
[xianwu@rcn07 ~]$ kill -9 171569
[xianwu@rcn07 ~]$ ps -ewf |grep podman
xianwu 171803 171482 0 02:11 pts/0 00:00:00 grep --color=auto podman
[xianwu@rcn07 ~]$ podman ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
[xianwu@rcn07 ~]$ ps -ewf |grep podman
xianwu 171828 1 0 02:11 ? 00:00:00 podman
xianwu 171846 171482 0 02:11 pts/0 00:00:00 grep --color=auto podman
```

Describe the results you received: podman process does not exit.

Describe the results you expected: podman process should exit.

Additional information you deem important (e.g. issue happens only occasionally):

```
[xianwu@rcn07 ~]$ cat /proc/171828/status
Name: podman pause
Umask: 0022
State: S (sleeping)
Tgid: 171828
Ngid: 0
Pid: 171828
PPid: 1
TracerPid: 0
Uid: 33857 33857 33857 33857
Gid: 10007 10007 10007 10007
FDSize: 64
Groups: 666 10007 100001
NStgid: 171828
NSpid: 171828
NSpgid: 171827
NSsid: 171827
VmPeak: 75312 kB
VmSize: 75312 kB
VmLck: 0 kB
VmPin: 0 kB
VmHWM: 31460 kB
VmRSS: 31460 kB
RssAnon: 18976 kB
RssFile: 12484 kB
RssShmem: 0 kB
VmData: 1044 kB
VmStk: 132 kB
VmExe: 32396 kB
VmLib: 2748 kB
VmPTE: 152 kB
VmSwap: 0 kB
HugetlbPages: 0 kB
CoreDumping: 0
Threads: 1
SigQ: 0/23737
SigPnd: 0000000000000000
ShdPnd: 0000000000000000
SigBlk: fffffffe7ffabeff
SigIgn: 0000000017803007
SigCgt: 0000000180000000
CapInh: 0000000000000000
CapPrm: 0000003fffffffff
CapEff: 0000003fffffffff
CapBnd: 0000003fffffffff
CapAmb: 0000000000000000
NoNewPrivs: 0
Seccomp: 0
Speculation_Store_Bypass: vulnerable
Cpus_allowed: 3
Cpus_allowed_list: 0-1
Mems_allowed: 00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000000,00000001
Mems_allowed_list: 0
voluntary_ctxt_switches: 2
nonvoluntary_ctxt_switches: 147
```

Output of podman version:

```
[xianwu@rcn07 ~]$ podman info
host:
  BuildahVersion: 1.12.0-dev
  CgroupVersion: v1
  Conmon:
    package: conmon-2.0.6-1.module_el8.2.0+305+5e198a41.x86_64
    path: /usr/bin/conmon
    version: 'conmon version 2.0.6, commit: a2b11288060ebd7abd20e0b4eb1a834bbf0aec3e'
  Distribution:
    distribution: '"centos"'
    version: "8"
  IDMappings:
    gidmap:
    - container_id: 0
      host_id: 10007
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
    uidmap:
    - container_id: 0
      host_id: 33857
      size: 1
    - container_id: 1
      host_id: 100000
      size: 65536
  MemFree: 5345513472
  MemTotal: 6244052992
  OCIRuntime:
    name: runc
    package: runc-1.0.0-65.rc10.module_el8.2.0+305+5e198a41.x86_64
    path: /usr/bin/runc
    version: 'runc version spec: 1.0.1-dev'
  SwapFree: 3951292416
  SwapTotal: 3999264768
  arch: amd64
  cpus: 2
  eventlogger: journald
  hostname: rcn07
  kernel: 4.18.0-193.el8.x86_64
  os: linux
  rootless: true
  slirp4netns:
    Executable: /bin/slirp4netns
    Package: slirp4netns-0.4.2-3.git21fdece.module_el8.2.0+305+5e198a41.x86_64
    Version: |-
      slirp4netns version 0.4.2+dev
      commit: 21fdece2737dc24ffa3f01a341b8a6854f8b13b4
  uptime: 13h 27m 6.51s (Approximately 0.54 days)
registries:
  blocked: null
  insecure: null
  search:
  - registry.access.redhat.com
  - registry.redhat.io
  - docker.io
store:
  ConfigFile: /home/xianwu/.config/containers/storage.conf
  ContainerStore:
    number: 40
  GraphDriverName: overlay
  GraphOptions:
    overlay.mount_program:
      Executable: /usr/bin/fuse-overlayfs
      Package: fuse-overlayfs-0.7.2-5.module_el8.2.0+305+5e198a41.x86_64
      Version: |-
        fuse-overlayfs: version 0.7.2
        FUSE library version 3.2.1
        using FUSE kernel interface version 7.26
  GraphRoot: /podmanfs
  GraphStatus:
    Backing Filesystem: extfs
    Native Overlay Diff: "false"
    Supports d_type: "true"
    Using metacopy: "false"
  ImageStore:
    number: 1
  RunRoot: /tmp/run-33857
  VolumePath: /podmanfs/storage/volumes
```

Output of podman info --debug:

(paste your output here)

Package info (e.g. output of rpm -q podman or apt list podman):


```
[xianwu@rcn07 ~]$ rpm -qa |grep podman
podman-1.6.4-10.module_el8.2.0+305+5e198a41.x86_64
podman-docker-1.6.4-10.module_el8.2.0+305+5e198a41.noarch
```

**Additional environment details (AWS, VirtualBox, physical, etc.):**
centos on vmware vm.

mheon commented 4 years ago

This is intentional (but only for rootless). As rootless, we need a user namespace to allow us to do some things we normally cannot (mount tmpfs/fuse filesystems, access users other than the one currently logged in). We also need to use the same user namespace for every container (to ensure that, if we want to share something with another container, that will work). On every launch, rootless Podman checks for the presence of the pause process via a pidfile. If it exists, we join its user namespace; if not, we create a fresh pause process with a fresh user namespace, and save that in a PID file.

Generally speaking, the pause process will hang around doing nothing but ensuring the namespace is alive and ready for use in the kernel. It shouldn't use much in the way of resources. If you have no containers running, you can kill it safely, and we'll just spin up another when a fresh Podman launches.
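
A triage helper for the situation in this thread, added here as an example and not taken from Podman: given a `/proc/<pid>/status` file and a pause pidfile, it reports whether a lingering process is the pause process described above, and a second function checks on a live host that the process sits in a separate user namespace. The pidfile location is left as an argument because the thread does not give it; the function names and result labels are made up for this example.

```shell
#!/usr/bin/env bash
# Added example, not Podman code. The pidfile path is supplied by the caller
# because the issue thread does not say where Podman stores it.

# status_field FILE KEY: print the value of "KEY:" from a /proc/PID/status file.
status_field() {
    awk -v k="$2:" '$1 == k { $1 = ""; sub(/^[ \t]+/, ""); print; exit }' "$1"
}

# classify_pause STATUS_FILE PIDFILE: decide whether the process described by
# STATUS_FILE is the pause process that PIDFILE currently records.
classify_pause() {
    local name pid uid recorded
    name=$(status_field "$1" Name)
    pid=$(status_field "$1" Pid)
    uid=$(status_field "$1" Uid | awk '{ print $1 }')    # first column = real UID
    [ "$name" = "podman pause" ] || { echo not-pause; return; }
    [ "$uid" != 0 ] || { echo root-owned; return; }       # pause exists only for rootless
    recorded=$(cat "$2" 2>/dev/null | tr -d '[:space:]')
    if [ -n "$recorded" ] && [ "$recorded" = "$pid" ]; then
        echo expected-pause      # the process a later rootless Podman will rejoin
    else
        echo unrecorded-pause    # pidfile missing or pointing at another PID
    fi
}

# in_other_userns PID: succeeds when PID's user namespace differs from this
# shell's (live hosts only; an unreadable namespace link counts as failure).
in_other_userns() {
    local theirs ours
    theirs=$(readlink "/proc/$1/ns/user" 2>/dev/null) || return 1
    ours=$(readlink /proc/self/ns/user 2>/dev/null) || return 1
    [ -n "$theirs" ] && [ "$theirs" != "$ours" ]
}

# Constructed sample modelled on the status output quoted in the issue.
demo() {
    local dir; dir=$(mktemp -d)
    printf 'Name:\tpodman pause\nPid:\t171828\nPPid:\t1\nUid:\t33857\t33857\t33857\t33857\n' > "$dir/status"
    echo 171828 > "$dir/pause.pid"
    classify_pause "$dir/status" "$dir/pause.pid"
    rm -rf "$dir"
}
demo
```

On a live host, pass `/proc/<pid>/status` and the pidfile of the user who owns the process; `unrecorded-pause` with no running containers matches the case where the comment above says the process can be killed safely.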