If using catatonit with e.g. podman to get a pid1 in a container that uses socket activation there is in an issue with how fd:s are handled. The fd:s are properly inherted into pid2, but they are not closed in the remaining pid1 babysitter process. This means if pid2 closes the inherited fd it is still kept open by pid1.
imho, pid1 should close all fds > 2 and dup the other ones to /dev/null (possibly excepting stderr).
If using catatonit with e.g. podman to get a pid1 in a container that uses socket activation there is in an issue with how fd:s are handled. The fd:s are properly inherted into pid2, but they are not closed in the remaining pid1 babysitter process. This means if pid2 closes the inherited fd it is still kept open by pid1.
imho, pid1 should close all fds > 2 and dup the other ones to /dev/null (possibly excepting stderr).