From 94e6490a79a55dc3d4bfddd9e3cc6f04c83e26d8 Mon Sep 17 00:00:00 2001
From: Guy Elsmore-Paddock <guy.paddock@gmail.com>
Date: Thu, 25 Dec 2025 01:16:52 -0500
Subject: [PATCH] Use `tini` as Docker Runtime Init to Ensure Zombie Processes
 Get Reaped (#12133)

Co-authored-by: Tim O'Farrell <tofarr@gmail.com>
---
 openhands/app_server/sandbox/docker_sandbox_service.py | 3 +++
 openhands/runtime/impl/docker/docker_runtime.py        | 3 +++
 2 files changed, 6 insertions(+)

diff --git a/openhands/app_server/sandbox/docker_sandbox_service.py b/openhands/app_server/sandbox/docker_sandbox_service.py
index a0aeddc0e6..e93b73b031 100644
--- a/openhands/app_server/sandbox/docker_sandbox_service.py
+++ b/openhands/app_server/sandbox/docker_sandbox_service.py
@@ -346,6 +346,9 @@ class DockerSandboxService(SandboxService):
                 working_dir=sandbox_spec.working_dir,
                 labels=labels,
                 detach=True,
+                # Use Docker's tini init process to ensure proper signal handling and reaping of
+                # zombie child processes.
+                init=True,
             )
 
             sandbox_info = await self._container_to_sandbox_info(container)
diff --git a/openhands/runtime/impl/docker/docker_runtime.py b/openhands/runtime/impl/docker/docker_runtime.py
index effac9d7a2..665edbea75 100644
--- a/openhands/runtime/impl/docker/docker_runtime.py
+++ b/openhands/runtime/impl/docker/docker_runtime.py
@@ -520,6 +520,9 @@ class DockerRuntime(ActionExecutionClient):
 
             self.container = self.docker_client.containers.run(
                 self.runtime_container_image,
+                # Use Docker's tini init process to ensure proper signal handling and reaping of
+                # zombie child processes.
+                init=True,
                 command=command,
                 # Override the default 'bash' entrypoint because the command is a binary.
                 entrypoint=[],