
I'd like to send a systemd notification with readiness and main pid. Unfortunately, it seems like systemd doesn't cope with translating pids from different namespaces. (Just a guess...)

Specifically, I'm starting a service with:

```
ExecStart=podman run --rm --cgroups=disabled -v /run/systemd:/run/systemd ... script.sh
```

And the started script does:

```
echo "MAINPID=$$" | nc -uUN -w0 /run/systemd/notify
```

This doesn't seem to change anything. The MAINPID is set to either conmon (default) or podman (`--sdnotify=ignore`). Then again, I'm effectively sending `MAINPID=1` from inside the running container.

Is there some workaround here to ensure a specific process inside the service/container becomes the MAINPID instead?

viraptor
  • Maybe this could give you some ideas: I made an experiment with a systemd system service `User=` and `ExecStartPost=+/some/path` (see [GitHub comment](https://github.com/containers/podman/issues/12778#issuecomment-1586255815)). Note, starting the path with a plus sign instructs systemd to run the command as root. I learned that **systemd** accepts a sent MAINPID when it is sent from an unexpected process if the process is running as root. – Erik Sjölund Jul 18 '23 at 10:37
  • @ErikSjölund it's disgusting and it works :-) wanna use it in the answer? – viraptor Aug 01 '23 at 12:45

1 Answer

Using a path in `ExecStartPost=` that starts with a plus sign instructs systemd to run the command as root. I learned that systemd accepts a sent MAINPID when it is sent from an unexpected process if the process is running as root.

If you want to experiment, you could try

```
ExecStartPost=+/some/path
```

References: I made an experiment with a systemd system service User= and ExecStartPost= (see GitHub comment).

Erik Sjölund
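An added example, not part of the answer above and not code from podman or systemd: a small helper that a root `ExecStartPost=+` command could run to send `READY=1` and `MAINPID=` over the notify socket. The function names and the choice to pass the host-namespace PID as an argument are assumptions; the default socket path is the one used in the question.

```python
import os
import socket
import sys

DEFAULT_SOCKET = "/run/systemd/notify"  # path taken from the question


def build_message(main_pid, ready=True):
    """Build the newline-separated KEY=VALUE datagram used by sd_notify."""
    if not isinstance(main_pid, int) or main_pid <= 1:
        # Inside the container the script sees itself as PID 1 ($$ == 1);
        # systemd needs the PID as numbered in the host PID namespace.
        raise ValueError("MAINPID must be a host-namespace PID greater than 1")
    fields = ["READY=1"] if ready else []
    fields.append(f"MAINPID={main_pid}")
    return "\n".join(fields).encode("ascii")


def resolve_socket_address(path):
    """A leading '@' in NOTIFY_SOCKET denotes an abstract-namespace socket."""
    if path.startswith("@"):
        return "\0" + path[1:]
    return path


def notify_main_pid(main_pid, socket_path=None, ready=True):
    """Send the notification as one datagram and return the bytes sent."""
    socket_path = (socket_path
                   or os.environ.get("NOTIFY_SOCKET")
                   or DEFAULT_SOCKET)
    payload = build_message(main_pid, ready)
    with socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM) as sock:
        sock.sendto(payload, resolve_socket_address(socket_path))
    return payload


if __name__ == "__main__":
    # Assumed usage: the host PID is supplied by the caller, for example
    # from `podman inspect --format '{{.State.Pid}}' <container>`.
    notify_main_pid(int(sys.argv[1]))
```
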