Reap random zombies
kasbert opened this issue · comments
If monit is used as init process in docker, it does not reap extra zombie processes created by services. It would be nice, if it did so.
Example Dockerfile:
FROM ubuntu:22.04
RUN \
apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends monit && \
apt clean
RUN \
printf '#!/bin/bash\nnohup date&' > /necromancer && \
chmod 755 /necromancer && \
printf 'check process hello matching nothing start "/necromancer"' > /etc/monit/conf-enabled/hello
ENTRYPOINT ["monit"]
CMD ["-I", "-B", "-v" , "-d", "10"]
Build and run:
docker build -t monit-test .
docker run --rm -d --name test monit-test
The zombie processes start invading the container:
docker exec -it test ps -ef
UID PID PPID C STIME TTY TIME CMD
root 1 0 1 06:21 ? 00:00:06 monit -I -B -v -d 10
root 8 1 0 06:21 ? 00:00:00 [date] <defunct>
root 16 1 0 06:21 ? 00:00:00 [date] <defunct>
root 18 1 0 06:22 ? 00:00:00 [date] <defunct>
root 20 1 0 06:23 ? 00:00:00 [date] <defunct>
root 22 1 0 06:23 ? 00:00:00 [date] <defunct>
root 30 1 0 06:24 ? 00:00:00 [date] <defunct>
root 32 1 0 06:25 ? 00:00:00 [date] <defunct>
root 34 1 0 06:25 ? 00:00:00 [date] <defunct>
root 36 1 3 06:26 ? 00:00:00 [date] <defunct>
root 37 0 0 06:26 pts/0 00:00:00 ps -ef
As a workaround I use tini as the entrypoint
FROM ubuntu:22.04
RUN \
apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get install -y --no-install-recommends monit tini && \
apt clean
RUN \
printf '#!/bin/bash\nnohup date&' > /necromancer && \
chmod 755 /necromancer && \
printf 'check process hello matching nothing start "/necromancer"' > /etc/monit/conf-enabled/hello
ENTRYPOINT ["tini"]
CMD ["-vv", "-g", "--", "monit", "-I", "-B", "-v" , "-d", "10"]