From 64ef8f7b652870624a219a026bb29c7b78d93c9e Mon Sep 17 00:00:00 2001 From: Karl-Johan Karlsson Date: Sat, 23 Jan 2016 22:09:46 +0100 Subject: Make the sandbox process reap all children. The sandbox process is PID 1 in the sandbox, which means it needs to reap orphans within the jail by running waitpid(-1). Solves netblue30/firejail#256 --- src/firejail/sandbox.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/src/firejail/sandbox.c b/src/firejail/sandbox.c index b49172f1f..441269277 100644 --- a/src/firejail/sandbox.c +++ b/src/firejail/sandbox.c @@ -134,7 +134,11 @@ static void monitor_application(pid_t app_pid) { usleep(20000); int status; - unsigned rv = waitpid(app_pid, &status, 0); + unsigned rv; + do { + rv = waitpid(-1, &status, 0); + } + while(rv != app_pid); if (arg_debug) printf("Sandbox monitor: waitpid %u retval %d status %d\n", app_pid, rv, status); -- cgit v1.2.3-54-g00ecf