Currently, the cdebug exec implementation uses the hardcoded PID 1 for the /proc/<pid>/root symlink (right before chroot-ing). It seemingly works fine for containers with their own PID namespace since the main's container process is always PID 1. However, the approach isn't good enough for containers that share the host's PID ns since PID 1 will likely be the host's init manager and not one of the container's processes.
iximiuz
commented
1 year ago
Currently, the
cdebug execimplementation uses the hardcodedPID 1for the/proc/<pid>/rootsymlink (right before chroot-ing). It seemingly works fine for containers with their own PID namespace since the main's container process is always PID 1. However, the approach isn't good enough for containers that share the host's PID ns sincePID 1will likely be the host's init manager and not one of the container's processes.