From f9485ca27cd7df431b29079bdc7aba0f139cc865 Mon Sep 17 00:00:00 2001 From: Andrey Arapov Date: Thu, 22 Aug 2024 11:46:38 +0200 Subject: [PATCH] fix(base-ssh,ssh-ubuntu): use tini for zombie reaping (#565) --- base-ssh/Dockerfile.centos | 9 +++++++-- base-ssh/Dockerfile.debian | 9 +++++++-- base-ssh/Dockerfile.suse | 9 +++++++-- base-ssh/Dockerfile.ubuntu | 9 +++++++-- ssh-ubuntu/Dockerfile.ubuntu | 9 +++++++-- 5 files changed, 35 insertions(+), 10 deletions(-) diff --git a/base-ssh/Dockerfile.centos b/base-ssh/Dockerfile.centos index c43db92d..8b7a4dd8 100644 --- a/base-ssh/Dockerfile.centos +++ b/base-ssh/Dockerfile.centos @@ -13,8 +13,13 @@ RUN dnf -y update && \ COPY ssh-entrypoint.sh /usr/local/bin/init.sh RUN chmod +x /usr/local/bin/init.sh -ENTRYPOINT ["/usr/local/bin/init.sh"] +# Use tini as an init system to manage orphaned child processes, ensuring they +# don't become zombie (defunct) processes by reaping (cleaning up) them when +# their parent process doesn't. +ADD https://github.com/krallin/tini/releases/download/v0.19.0/tini /tini +RUN chmod +x /tini +ENTRYPOINT ["/tini", "--", "/usr/local/bin/init.sh"] CMD ["tail", "-f", "/dev/null"] -EXPOSE 22 \ No newline at end of file +EXPOSE 22 diff --git a/base-ssh/Dockerfile.debian b/base-ssh/Dockerfile.debian index 28a99d25..3eb30e8a 100644 --- a/base-ssh/Dockerfile.debian +++ b/base-ssh/Dockerfile.debian @@ -10,8 +10,13 @@ RUN apt-get update; \ COPY ssh-entrypoint.sh /usr/local/bin/init.sh RUN chmod +x /usr/local/bin/init.sh -ENTRYPOINT ["/usr/local/bin/init.sh"] +# Use tini as an init system to manage orphaned child processes, ensuring they +# don't become zombie (defunct) processes by reaping (cleaning up) them when +# their parent process doesn't. +ADD https://github.com/krallin/tini/releases/download/v0.19.0/tini /tini +RUN chmod +x /tini +ENTRYPOINT ["/tini", "--", "/usr/local/bin/init.sh"] CMD ["tail", "-f", "/dev/null"] -EXPOSE 22 \ No newline at end of file +EXPOSE 22 diff --git a/base-ssh/Dockerfile.suse b/base-ssh/Dockerfile.suse index aa0f452a..7153bdf8 100644 --- a/base-ssh/Dockerfile.suse +++ b/base-ssh/Dockerfile.suse @@ -14,8 +14,13 @@ RUN mkdir -p /run/sshd && \ COPY ssh-entrypoint.sh /usr/local/bin/init.sh RUN chmod +x /usr/local/bin/init.sh -ENTRYPOINT ["/usr/local/bin/init.sh"] +# Use tini as an init system to manage orphaned child processes, ensuring they +# don't become zombie (defunct) processes by reaping (cleaning up) them when +# their parent process doesn't. +ADD https://github.com/krallin/tini/releases/download/v0.19.0/tini /tini +RUN chmod +x /tini +ENTRYPOINT ["/tini", "--", "/usr/local/bin/init.sh"] CMD ["tail", "-f", "/dev/null"] -EXPOSE 22 \ No newline at end of file +EXPOSE 22 diff --git a/base-ssh/Dockerfile.ubuntu b/base-ssh/Dockerfile.ubuntu index 8ad2d8f7..000a59c5 100644 --- a/base-ssh/Dockerfile.ubuntu +++ b/base-ssh/Dockerfile.ubuntu @@ -10,8 +10,13 @@ RUN apt-get update; \ COPY ssh-entrypoint.sh /usr/local/bin/init.sh RUN chmod +x /usr/local/bin/init.sh -ENTRYPOINT ["/usr/local/bin/init.sh"] +# Use tini as an init system to manage orphaned child processes, ensuring they +# don't become zombie (defunct) processes by reaping (cleaning up) them when +# their parent process doesn't. +ADD https://github.com/krallin/tini/releases/download/v0.19.0/tini /tini +RUN chmod +x /tini +ENTRYPOINT ["/tini", "--", "/usr/local/bin/init.sh"] CMD ["tail", "-f", "/dev/null"] -EXPOSE 22 \ No newline at end of file +EXPOSE 22 diff --git a/ssh-ubuntu/Dockerfile.ubuntu b/ssh-ubuntu/Dockerfile.ubuntu index 8ad2d8f7..000a59c5 100644 --- a/ssh-ubuntu/Dockerfile.ubuntu +++ b/ssh-ubuntu/Dockerfile.ubuntu @@ -10,8 +10,13 @@ RUN apt-get update; \ COPY ssh-entrypoint.sh /usr/local/bin/init.sh RUN chmod +x /usr/local/bin/init.sh -ENTRYPOINT ["/usr/local/bin/init.sh"] +# Use tini as an init system to manage orphaned child processes, ensuring they +# don't become zombie (defunct) processes by reaping (cleaning up) them when +# their parent process doesn't. +ADD https://github.com/krallin/tini/releases/download/v0.19.0/tini /tini +RUN chmod +x /tini +ENTRYPOINT ["/tini", "--", "/usr/local/bin/init.sh"] CMD ["tail", "-f", "/dev/null"] -EXPOSE 22 \ No newline at end of file +EXPOSE 22