Calling clone(CLONE_NEWPID) results in the new pid namespace getting a new "init" process.

This process is now resposible for reaping all child processes that no longer have a
direct parent process.

Often, failure to do this goes unnoticed, because our sandbox'd processes don't often
fork other processes that then continue to turn into daemon processes. But there is no
reason, why they couldn't occasionally do so. And in fact, the seccomp sandbox does do
so for its trusted process.

In the past, this would result in us having lots of uncollected zombie processes that
only disappeared when the browser terminated.

BUG=109944
TEST=Run Chrome with both the suid sandbox and the seccomp sandbox, open and close a few tabs, verify that we don't produce any zombie processes
Review URL: https://chromiumcodereview.appspot.com/9295005

git-svn-id: svn://svn.chromium.org/chrome/trunk/src@119746 0039d316-1c4b-4281-b951-d872f2087c98

1 files changed, 2 insertions, 0 deletions

diff --git a/sandbox/sandbox.gyp b/sandbox/sandbox.gyp
index f7ebcd7..4224019 100644
--- a/sandbox/sandbox.gyp
+++ b/sandbox/sandbox.gyp
@@ -155,6 +155,8 @@
           'target_name': 'chrome_sandbox',
           'type': 'executable',
           'sources': [
+            'linux/suid/init_process.c',
+            'linux/suid/init_process.h',
             'linux/suid/linux_util.c',
             'linux/suid/linux_util.h',
             'linux/suid/process_util.h',