On Fri, 29 Sept 2023 at 12:00, Lewis Gaul <lewis.g...@gmail.com> wrote:
>
> Hi systemd team,
>
> I've encountered an issue when running systemd inside a container using 
> cgroups v2, where if a container exec process is created at the wrong moment 
> during early startup then systemd will fail to move all processes into a 
> child cgroup, and therefore fail to enable controllers due to the "no 
> internal processes" rule introduced in cgroups v2. In other words, a systemd 
> container is started and very soon after a process is created via e.g. 
> 'podman exec systemd-ctr cmd', where the exec process is placed in the 
> container's namespaces (although not a child of the container's PID 1). This 
> is not a totally crazy thing to be doing - this was hit when testing a 
> systemd container, using a container exec "probe" to check when the container 
> is ready.

Use the notify socket and you'll get a notification back when the
container is ready, without having to inject anything.

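A sketch of the host side of the notify-socket approach suggested in the reply, as an added example that is not part of the original thread: a supervisor binds a Unix datagram socket, and systemd inside the container writes sd_notify messages (newline-separated KEY=VALUE pairs such as `READY=1`) to it. It assumes the container runtime passes the socket path to the container's PID 1 through `NOTIFY_SOCKET`; the socket path and the sender in `demo()` are constructed stand-ins.

```python
import os
import socket
import tempfile
import time

def parse_notify(datagram: bytes) -> dict:
    """Parse one sd_notify datagram: newline-separated KEY=VALUE pairs."""
    fields = {}
    for line in datagram.decode("utf-8", "replace").splitlines():
        key, sep, value = line.partition("=")
        if sep:  # ignore lines without '='
            fields[key] = value
    return fields

def wait_for_ready(sock: socket.socket, timeout: float):
    """Read datagrams until READY=1 or timeout; return (ready, last STATUS)."""
    deadline = time.monotonic() + timeout
    status = None
    while True:
        remaining = deadline - time.monotonic()
        if remaining <= 0:
            return False, status
        sock.settimeout(remaining)
        try:
            data = sock.recv(4096)
        except socket.timeout:
            return False, status
        fields = parse_notify(data)
        status = fields.get("STATUS", status)
        if fields.get("READY") == "1":
            return True, status

def demo():
    """Constructed run: a local client socket plays the container's PID 1."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "notify.sock")  # hypothetical socket path
        server = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
        server.bind(path)
        client = socket.socket(socket.AF_UNIX, socket.SOCK_DGRAM)
        client.sendto(b"STATUS=Starting up...", path)
        client.sendto(b"READY=1\nSTATUS=Startup finished", path)
        client.close()
        try:
            return wait_for_ready(server, 2.0)
        finally:
            server.close()

if __name__ == "__main__":
    print(demo())
```

Because readiness arrives over the socket, the supervisor never has to place an exec process in the container's cgroup during early startup.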