From bd914e5fdb2dd44b478a9e20a092fcaa2442657c Mon Sep 17 00:00:00 2001 From: lfbzhm Date: Tue, 10 Oct 2023 11:31:10 +0000 Subject: [PATCH] clarify kill and delete operation for shared pid namespace container Signed-off-by: lfbzhm --- runtime.md | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/runtime.md b/runtime.md index d3aaa9b14..23c16a6e2 100644 --- a/runtime.md +++ b/runtime.md @@ -132,16 +132,26 @@ This operation MUST generate an error if `process` was not set. `kill ` This operation MUST [generate an error](#errors) if it is not provided the container ID. + Attempting to send a signal to a container that is neither [`created` nor `running`](#state) MUST have no effect on the container and MUST [generate an error](#errors). -This operation MUST send the specified signal to the container process. + +This operation MUST send the specified signal to the container's init process. + +Specially, if the signal is `SIGKILL` and the container does not use its own private PID namespace, this operation MUST send the `SIGKILL` signal to all the processes in the container, even if the container's state is `stopped`. If there is no process left in this type container, the operation MUST [generate an error](#errors). ### Delete `delete ` This operation MUST [generate an error](#errors) if it is not provided the container ID. + Attempting to `delete` a container that is not [`stopped`](#state) MUST have no effect on the container and MUST [generate an error](#errors). + Deleting a container MUST delete the resources that were created during the `create` step. + +Specially, when deleting a container, which does not use its own private PID namespace, the operation should ensure kill all processes in this type container, and ensure no process left in it. + Note that resources associated with the container, but not created by this container, MUST NOT be deleted. + Once a container is deleted its ID MAY be used by a subsequent container.