HTCondor Project List Archives




Re: [Condor-devel] Per-job PID namespaces




However, to the "outside world", these appear as normal processes.  The processes inside the job can't view or contact external processes - two jobs running within the same Unix account can't discover or send signals to each other.  Additionally, when "PID 1" dies, the kernel wipes out the remaining processes started by the job.  It's a fairly neat trick.  This all requires kernel 2.6.24 or later.

Brian:

This _is_ a neat trick. It seems unfortunate that /proc doesn't do the right thing automatically.

I wonder where the right place to use it is, though -- if the starter were the "init", then if it crashed, processes would get cleaned up, and it would get to reap re-parented subprocesses of the job, and thus get their rusage info.

It would be nice to have a wrapper program to create a new pid namespace for subchildren arguments. Then we could just put the master in its own pid namespace in the init script, something like

new_pid_namespace condor_master -f ...

-greg
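
A sketch of the wrapper proposed in the message above, as an added example that is not code from the thread or from HTCondor: it uses clone(2) with CLONE_NEWPID so the command becomes PID 1 of a new PID namespace. The function names and the exit-code convention are assumptions; the namespace flag needs CAP_SYS_ADMIN (typically root), and /proc still shows the outer namespace unless it is remounted inside.

```c
/* new_pid_namespace.c: hypothetical wrapper (added example, not HTCondor code). */
#define _GNU_SOURCE
#include <errno.h>
#include <sched.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

#define CHILD_STACK_SIZE (1024 * 1024)

/* Runs in the child; with CLONE_NEWPID it is PID 1 of the new namespace. */
int child_exec(void *arg) {
    char *const *argv = arg;
    execvp(argv[0], argv);
    perror("execvp");
    return 127;                       /* shell convention: command not runnable */
}

/* Map a wait(2) status to a shell-style exit code. */
int exit_code_from_status(int status) {
    if (WIFEXITED(status)) return WEXITSTATUS(status);
    if (WIFSIGNALED(status)) return 128 + WTERMSIG(status);
    return -1;
}

/* clone() the command with the given namespace flags and wait for it.
 * Returns its exit code, or -1 with errno set (EPERM without CAP_SYS_ADMIN). */
int spawn_in_namespaces(int ns_flags, char *const argv[]) {
    char *stack = malloc(CHILD_STACK_SIZE);
    if (stack == NULL) return -1;
    int status = 0, rc = -1;
    /* No CLONE_VM: the child gets its own copy of memory; pass the stack top. */
    pid_t w, pid = clone(child_exec, stack + CHILD_STACK_SIZE,
                         ns_flags | SIGCHLD, (void *)argv);
    if (pid > 0) {
        do { w = waitpid(pid, &status, 0); } while (w == -1 && errno == EINTR);
        if (w == pid) rc = exit_code_from_status(status);
    }
    int saved = errno;                /* keep clone/waitpid errno across free() */
    free(stack);
    errno = saved;
    return rc;
}

int main(int argc, char *argv[]) {
    if (argc < 2) { fprintf(stderr, "usage: %s command [args...]\n", argv[0]); return 2; }
    int rc = spawn_in_namespaces(CLONE_NEWPID, &argv[1]);
    if (rc < 0) { perror("new_pid_namespace"); return 1; }
    return rc;
}
```

The wrapper itself stays in the parent namespace and only waits; it does not forward signals, so stopping the service means signalling the namespaced child, whose exit as PID 1 makes the kernel kill everything left in the namespace.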