From 10c951e335b3a437f35af86dd9f0e59cd19deab5 Mon Sep 17 00:00:00 2001
From: lifubang <lifubang@acmcoder.com>
Date: Mon, 23 Sep 2024 20:59:57 +0800
Subject: [PATCH] add ErrCgroupNotExist

For some rootless container, runc has no access to cgroup,
But the container is still running. So we should return the
`ErrNotRunning` and `ErrCgroupNotExist` error seperatlly.

Signed-off-by: lifubang <lifubang@acmcoder.com>
---
 libcontainer/container_linux.go |  5 +++++
 libcontainer/error.go           | 15 ++++++++-------
 libcontainer/init_linux.go      |  4 +---
 3 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/libcontainer/container_linux.go b/libcontainer/container_linux.go
index 6a91df01db0..0b17168c2bb 100644
--- a/libcontainer/container_linux.go
+++ b/libcontainer/container_linux.go
@@ -394,6 +394,11 @@ func (c *Container) Signal(s os.Signal) error {
 				// https://github.com/opencontainers/runc/pull/4395#pullrequestreview-2291179652
 				return c.signal(s)
 			}
+			// For not rootless container, if there is no init process and no cgroup,
+			// it means that the container is not running.
+			if errors.Is(err, ErrCgroupNotExist) && !c.hasInit() {
+				err = ErrNotRunning
+			}
 			return fmt.Errorf("unable to kill all processes: %w", err)
 		}
 		return nil
diff --git a/libcontainer/error.go b/libcontainer/error.go
index 510c072264f..7f6a5eb463b 100644
--- a/libcontainer/error.go
+++ b/libcontainer/error.go
@@ -3,11 +3,12 @@ package libcontainer
 import "errors"
 
 var (
-	ErrExist      = errors.New("container with given ID already exists")
-	ErrInvalidID  = errors.New("invalid container ID format")
-	ErrNotExist   = errors.New("container does not exist")
-	ErrPaused     = errors.New("container paused")
-	ErrRunning    = errors.New("container still running")
-	ErrNotRunning = errors.New("container not running")
-	ErrNotPaused  = errors.New("container not paused")
+	ErrExist          = errors.New("container with given ID already exists")
+	ErrInvalidID      = errors.New("invalid container ID format")
+	ErrNotExist       = errors.New("container does not exist")
+	ErrPaused         = errors.New("container paused")
+	ErrRunning        = errors.New("container still running")
+	ErrNotRunning     = errors.New("container not running")
+	ErrNotPaused      = errors.New("container not paused")
+	ErrCgroupNotExist = errors.New("cgroup not exist")
 )
diff --git a/libcontainer/init_linux.go b/libcontainer/init_linux.go
index 90f40cad257..797982ad252 100644
--- a/libcontainer/init_linux.go
+++ b/libcontainer/init_linux.go
@@ -695,11 +695,9 @@ func setupPersonality(config *configs.Config) error {
 
 // signalAllProcesses freezes then iterates over all the processes inside the
 // manager's cgroups sending the signal s to them.
-//
-// signalAllProcesses returns ErrNotRunning when the cgroup does not exist.
 func signalAllProcesses(m cgroups.Manager, s unix.Signal) error {
 	if !m.Exists() {
-		return ErrNotRunning
+		return ErrCgroupNotExist
 	}
 	// Use cgroup.kill, if available.
 	if s == unix.SIGKILL {