[PR #2715] [MERGED] Add deterministic-exit-code option #4496

New issue

Closed

opened 2026-05-05 10:21:10 -06:00 by gitea-mirror · 0 comments

gitea-mirror commented

2026-05-05 10:21:10 -06:00

Owner

📋 Pull Request Information

Original PR: https://github.com/netblue30/firejail/pull/2715
Author: @apmorton
Created: 5/21/2019
Status: ✅ Merged
Merged: 5/21/2019
Merged by: @chiraag-nataraj

Base: master ← Head: features/deterministic-exit-code

📝 Commits (1)

d380de3 Add deterministic-exit-code option to ensure firejail exits with the first childs exit code regardless of the termination ordering of orphaned children

📊 Changes

9 files changed (+82 additions, -2 deletions)

View changed files

📝 src/firejail/firejail.h (+1 -0)
📝 src/firejail/main.c (+4 -0)
📝 src/firejail/profile.c (+5 -0)
📝 src/firejail/sandbox.c (+5 -2)
📝 src/firejail/usage.c (+1 -0)
📝 src/man/firejail-profile.txt (+4 -0)
📝 src/man/firejail.txt (+4 -0)
➕ test/environment/deterministic-exit-code.exp (+55 -0)
📝 test/environment/environment.sh (+3 -0)

📄 Description

Ensures firejail exits with the first childs exit code regardless of the termination ordering of orphaned children.

Firejail currently exits with the status code of whatever child itself exits last.
This can be non-deterministic if there are any orphaned children that outlive the process firejail launches.

Another patch motivated by compiler-explorer.

We care about the exit status of the process we run within firejail.
Some compilers we run potentially spawn and orphan non-critical background tasks, telemetry agents for example. We don't care if these auxiliary processes exit with an error. If they do exit with an error after the compiler itself exits, we lose the exit status of the compiler. If the compiler exits with an error, and then the telemetry agent exits without an error, we lose the error condition from the compiler.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/netblue30/firejail/pull/2715 **Author:** [@apmorton](https://github.com/apmorton) **Created:** 5/21/2019 **Status:** ✅ Merged **Merged:** 5/21/2019 **Merged by:** [@chiraag-nataraj](https://github.com/chiraag-nataraj) **Base:** `master` ← **Head:** `features/deterministic-exit-code` --- ### 📝 Commits (1) - [`d380de3`](https://github.com/netblue30/firejail/commit/d380de39f039cf23a992b08c506cc200a7cf6292) Add deterministic-exit-code option to ensure firejail exits with the first childs exit code regardless of the termination ordering of orphaned children ### 📊 Changes **9 files changed** (+82 additions, -2 deletions) <details> <summary>View changed files</summary> 📝 `src/firejail/firejail.h` (+1 -0) 📝 `src/firejail/main.c` (+4 -0) 📝 `src/firejail/profile.c` (+5 -0) 📝 `src/firejail/sandbox.c` (+5 -2) 📝 `src/firejail/usage.c` (+1 -0) 📝 `src/man/firejail-profile.txt` (+4 -0) 📝 `src/man/firejail.txt` (+4 -0) ➕ `test/environment/deterministic-exit-code.exp` (+55 -0) 📝 `test/environment/environment.sh` (+3 -0) </details> ### 📄 Description Ensures firejail exits with the first childs exit code regardless of the termination ordering of orphaned children. Firejail currently exits with the status code of whatever child itself exits last. This can be non-deterministic if there are any orphaned children that outlive the process firejail launches. Another patch motivated by [compiler-explorer](https://github.com/mattgodbolt/compiler-explorer). We care about the exit status of the process we run within firejail. Some compilers we run potentially spawn and orphan non-critical background tasks, telemetry agents for example. We don't care if these auxiliary processes exit with an error. If they do exit with an error *after* the compiler itself exits, we lose the exit status of the compiler. If the compiler exits with an error, and then the telemetry agent exits without an error, we lose the error condition from the compiler. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

gitea-mirror

2026-05-05 10:21:10 -06:00

closed this issue
added the
pull-request
label

No milestone

No project

No assignees

1 participant

Notifications

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/firejail#4496

No description provided.

Rows
Columns