Lennart Poettering on Nostr:
…the other options, as software run this way must be ready to run as PID 1 (i.e. reap reparented children and so on).
Note that in the Docker world the understanding that PID namespacing is semantically much more special than the others is not really commonplace (yeah, thinking about semantics wasn't their strength), hence I guess a lot of software that has been changed to deal with Docker's idiosyncrasies is probably fine with PrivatePIDs=, but I am nonetheless pretty sure PrivatProc=…
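An added example, not part of the post above and not systemd code: what "reap reparented children" asks of a process that ends up as PID 1. As an assumption made so that it runs without creating a PID namespace, the program marks itself a child subreaper with `prctl(PR_SET_CHILD_SUBREAPER)`, which makes orphaned descendants get reparented to it the way they would be to PID 1; the function names are made up for the example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <sys/prctl.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Reap every child, direct or reparented, until none are left.
 * Returns the number of processes reaped, or -1 on an unexpected error. */
static int reap_all(void)
{
    int reaped = 0;
    for (;;) {
        pid_t pid = waitpid(-1, NULL, 0);   /* -1: any child, including adopted orphans */
        if (pid > 0) { reaped++; continue; }
        if (errno == EINTR) continue;       /* interrupted by a signal, retry */
        return errno == ECHILD ? reaped : -1;
    }
}

/* Fork a child that exits at once and leaves a grandchild behind.
 * The orphan is reparented to us; without the wait loop it would stay a zombie. */
int orphan_demo(void)
{
    /* Assumption: subreaper status stands in for being PID 1 of a PID namespace. */
    if (prctl(PR_SET_CHILD_SUBREAPER, 1, 0, 0, 0) < 0)
        return -1;
    fflush(NULL);                           /* no duplicated stdio buffers after fork */
    pid_t child = fork();
    if (child < 0)
        return -1;
    if (child == 0) {
        pid_t grandchild = fork();
        if (grandchild == 0) {
            usleep(100 * 1000);             /* outlive the intermediate parent */
            _exit(0);
        }
        _exit(grandchild < 0 ? 1 : 0);      /* exiting here orphans the grandchild */
    }
    return reap_all();
}

int main(void)
{
    int n = orphan_demo();
    printf("reaped %d processes (1 direct child + 1 reparented orphan)\n", n);
    return n == 2 ? 0 : 1;
}
```

A program that only waits for the PIDs it forked itself would collect the first process here and leave the reparented one as a zombie.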