pid-sandbox: execute pid-ns-init as pid 1 (bug 675312)

Execute pid-ns-init as the first fork after unshare, as
required for it to have pid 1 and become the default reaper
of orphaned descendant processes. In _exec, exec a separate
pid-ns-init process to behave as a supervisor which will
forward signals to init and forward exit status to the parent

Fixes: a75d5546e3a4 ("Introduce a tiny init replacement for inside pid namespace")
Reviewed-by: Brian Dolbec <>
Signed-off-by: Zac Medico <>
2 files changed
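
The pid assignment this message depends on, as an added example (not code from this commit or the project): after unshare(CLONE_NEWPID) the caller stays in its old namespace, the first process it forks becomes pid 1 there, and anything forked later gets a higher pid. The names first_two_pids, report and struct rec are hypothetical, and the function returns -1 where the kernel or sandbox forbids creating a pid namespace.

```c
#ifndef _GNU_SOURCE
#define _GNU_SOURCE             /* for unshare() and CLONE_* in <sched.h> */
#endif
#include <sched.h>
#include <stdio.h>
#include <sys/wait.h>
#include <unistd.h>
#ifndef CLONE_NEWPID            /* fallback if feature macros were fixed earlier */
#define CLONE_NEWUSER 0x10000000
#define CLONE_NEWPID  0x20000000
#endif
int unshare(int flags);

struct rec { int idx; int pid; };   /* which process, and the pid it sees for itself */

static void report(int fd, int idx) {
    struct rec r = { idx, (int)getpid() };
    if (write(fd, &r, sizeof r) != (ssize_t)sizeof r) _exit(1);
}

/* out[0]: pid seen by the first fork after unshare(); out[1]: pid seen by a
 * process forked after it. Returns 0 on success, -1 if no namespace was made. */
int first_two_pids(int out[2]) {
    int fds[2], seen = 0;
    struct rec r;
    if (pipe(fds) < 0) return -1;
    pid_t helper = fork();          /* unshare in a helper, not in the caller */
    if (helper < 0) return -1;
    if (helper == 0) {
        close(fds[0]);
        if (unshare(CLONE_NEWPID) != 0 && unshare(CLONE_NEWUSER | CLONE_NEWPID) != 0)
            _exit(1);               /* unprivileged and user namespaces unavailable */
        pid_t init = fork();        /* first fork after unshare: pid 1, the reaper */
        if (init == 0) {
            report(fds[1], 0);
            pid_t kid = fork();     /* any later process in the namespace */
            if (kid == 0) { report(fds[1], 1); _exit(0); }
            if (kid > 0) waitpid(kid, NULL, 0);    /* init reaps its descendant */
            _exit(0);
        }
        if (init > 0) waitpid(init, NULL, 0);
        _exit(0);
    }
    close(fds[1]);
    while (read(fds[0], &r, sizeof r) == (ssize_t)sizeof r)
        if (r.idx == 0 || r.idx == 1) { out[r.idx] = r.pid; seen++; }
    close(fds[0]);
    waitpid(helper, NULL, 0);
    return seen == 2 ? 0 : -1;
}
```
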