From 7bb0841f42b3a4b2d75d2acca2b9e66509e1234b Mon Sep 17 00:00:00 2001
From: Ogulcan Celik <ogulcancelik@gmail.com>
Date: Fri, 9 Jan 2026 03:05:29 +0300
Subject: [PATCH] fix: prevent systemd hang on restart with podman sandboxes

Add KillMode=process to generated systemd unit file. Without this,
podman's conmon processes (which monitor sandbox containers) block
shutdown since they're children of the gateway process.

This preserves the desired behavior of keeping containers alive
across restarts while preventing systemd from waiting indefinitely.
---
 src/daemon/systemd.ts | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/daemon/systemd.ts b/src/daemon/systemd.ts
index f5fdc4829..3f50cd58a 100644
--- a/src/daemon/systemd.ts
+++ b/src/daemon/systemd.ts
@@ -154,6 +154,10 @@ function buildSystemdUnit({
     `ExecStart=${execStart}`,
     "Restart=always",
     "RestartSec=5",
+    // KillMode=process ensures systemd only waits for the main process to exit.
+    // Without this, podman's conmon (container monitor) processes block shutdown
+    // since they run as children of the gateway and stay in the same cgroup.
+    "KillMode=process",
     workingDirLine,
     ...envLines,
     "",