diff options
author | Viacheslav Hletenko <v.gletenko@vyos.io> | 2024-01-12 18:44:43 +0000 |
---|---|---|
committer | Viacheslav Hletenko <v.gletenko@vyos.io> | 2024-01-12 18:44:43 +0000 |
commit | 4c71c46cbb840167708e75e902de5bfc9e31a03e (patch) | |
tree | 4032797aba6d3e2871fa4527e0a46378358e645a /data/templates/container/systemd-unit.j2 | |
parent | 4c29922cc0baa9c127391b58e82b76f69e1e2dce (diff) | |
download | vyos-1x-4c71c46cbb840167708e75e902de5bfc9e31a03e.tar.gz vyos-1x-4c71c46cbb840167708e75e902de5bfc9e31a03e.zip |
T5925: Containers change systemd KillMode
By default we use mode `none` for containers
Unit uses KillMode=none. This is unsafe, as it disables systemd's
process lifecycle management for the service. Please update the
service to use a safer KillMode=, such as 'mixed' or 'control-group'.
Support for KillMode=none is deprecated and will eventually be removed.
Diffstat (limited to 'data/templates/container/systemd-unit.j2')
-rw-r--r-- | data/templates/container/systemd-unit.j2 | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/data/templates/container/systemd-unit.j2 b/data/templates/container/systemd-unit.j2 index fa48384ab..d379f0a07 100644 --- a/data/templates/container/systemd-unit.j2 +++ b/data/templates/container/systemd-unit.j2 @@ -13,5 +13,5 @@ ExecStop=/usr/bin/podman stop --ignore --cidfile %t/%n.cid -t 5 ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/%n.cid ExecStopPost=/bin/rm -f %t/%n.cid PIDFile=%t/%n.pid -KillMode=none +KillMode=control-group Type=forking |