Cmd pdeathsig

lib/src/install.rs

@@ -840,7 +840,8 @@ async fn install_container(
 /// Run a command in the host mount namespace
 pub(crate) fn run_in_host_mountns(cmd: &str) -> Command {
     let mut c = Command::new("/proc/self/exe");
-    c.args(["exec-in-host-mount-namespace", cmd]);
+    c.lifecycle_bind()
+        .args(["exec-in-host-mount-namespace", cmd]);
     c
 }
 

lib/src/utils.rs

@@ -5,6 +5,7 @@ use std::process::Command;
 use std::time::Duration;
 
 use anyhow::{Context, Result};
+use bootc_utils::CommandRunExt;
 #[cfg(feature = "install")]
 use camino::Utf8Path;
 use cap_std_ext::cap_std::fs::Dir;
@@ -116,15 +117,12 @@ pub(crate) fn spawn_editor(tmpf: &tempfile::NamedTempFile) -> Result<()> {
     let argv0 = editor_args
         .next()
         .ok_or_else(|| anyhow::anyhow!("Invalid editor: {editor}"))?;
-    let status = Command::new(argv0)
+    Command::new(argv0)
         .args(editor_args)
         .arg(tmpf.path())
-        .status()
-        .context("Spawning editor")?;
-    if !status.success() {
-        anyhow::bail!("Invoking editor: {editor} failed: {status:?}");
-    }
-    Ok(())
+        .lifecycle_bind()
+        .run()
+        .with_context(|| format!("Invoking editor {editor} failed"))
 }
 
 /// Convert a combination of values (likely from CLI parsing) into a signature source

ostree-ext/Cargo.toml

@@ -19,6 +19,7 @@ ostree = { features = ["v2022_6"], version = "0.19.0" }
 
 # Private dependencies
 anyhow = { workspace = true }
+bootc-utils = { path = "../utils" }
 camino = { workspace = true, features = ["serde1"] }
 chrono = { workspace = true }
 olpc-cjson = "0.1.1"

ostree-ext/src/container/deploy.rs

@@ -5,6 +5,7 @@ use std::os::fd::BorrowedFd;
 use std::process::Command;
 
 use anyhow::Result;
+use bootc_utils::CommandRunExt;
 use cap_std_ext::cmdext::CapStdExtCommandExt;
 use fn_error_context::context;
 use ocidir::cap_std::fs::Dir;
@@ -148,6 +149,7 @@ pub async fn deploy(
             let st = Command::new("/proc/self/exe")
                 .args(["internals", "bootc-install-completion", ".", stateroot])
                 .cwd_dir(sysroot_dir.try_clone()?)
+                .lifecycle_bind()
                 .status()?;
             if !st.success() {
                 anyhow::bail!("Failed to complete bootc install");

utils/Cargo.toml

@@ -8,6 +8,7 @@ repository = "https://github.com/containers/bootc"
 
 [dependencies]
 anyhow = { workspace = true }
+rustix = { workspace = true }
 serde = { workspace = true, features = ["derive"] }
 serde_json = { workspace = true }
 tempfile = { workspace = true }

utils/src/command.rs

@@ -2,6 +2,7 @@
 
 use std::{
     io::{Read, Seek},
+    os::unix::process::CommandExt,
     process::Command,
 };
 
@@ -15,6 +16,9 @@ pub trait CommandRunExt {
     /// Execute the child process.
     fn run(&mut self) -> Result<()>;
 
+    /// Ensure the child does not outlive the parent.
+    fn lifecycle_bind(&mut self) -> &mut Self;
+
     /// Execute the child process and capture its output. This uses `run` internally
     /// and will return an error if the child process exits abnormally.
     fn run_get_output(&mut self) -> Result<Box<dyn std::io::BufRead>>;
@@ -84,6 +88,19 @@ impl CommandRunExt for Command {
         self.status()?.check_status(stderr)
     }
 
+    #[allow(unsafe_code)]
+    fn lifecycle_bind(&mut self) -> &mut Self {
+        // SAFETY: This API is safe to call in a forked child.
+        unsafe {
+            self.pre_exec(|| {
+                rustix::process::set_parent_process_death_signal(Some(
+                    rustix::process::Signal::Term,
+                ))
+                .map_err(Into::into)
+            })
+        }
+    }
+
     /// Output a debug-level log message with this command.
     fn log_debug(&mut self) -> &mut Self {
         // We unconditionally log at trace level, so avoid double logging