I’m trying to get pwait utility (https://github.com/chneukirchen/extrace) to work. It enables efficient wait for a process termination using kernel-based messaging. It works fine in standard Linux environment (primary OS, VirtualBox) but it fails in Docker.

The basic requirements are satisfied in Docker, i.e. kernel has support for required features:
CONFIG_CONNECTOR=y
CONFIG_PROC_EVENTS=y
but the utility fails when trying to send some data
socket(PF_NETLINK, SOCK_DGRAM, NETLINK_CONNECTOR) = 3
getpid() = 4244
bind(3, {sa_family=AF_NETLINK, pid=4244, groups=00000001}, 12) = 0
sendto(3, "(\0\0\0\3\0\0\0\0\0\0\0\224\20\0\0\1\0\0\0\1\0\0\0\0\0\0\0\0\0\0\0"..., 40, 0, NULL, 0) = -1 ECONNREFUSED (Connection refused)

I think it’s related to security or something like that. I tried various options, such as
--privileged
--security-opt seccomp:unconfined
but no success.

Note, that I run the program as root user, so I don’t expect a lack of user privileges.

Do you have an idea what could be wrong?

Thanks

Roman

You can see kernel code Linux source code:drivers/connector/connector.c dev->nls = netlink_kernel_create(&init_net, NETLINK_CONNECTOR, …)，the first param is not like that net… , that meams netlink only host network can see,docker has different network namespace, if you want use in docker , the docker cmd should be add --net host, docker network namespace shoule be same as host.