I was thinking "would we ever need to run ld.so in the container anyway, and need that ld.so to be pid 1?" Like: /lib64/ld.so --some-flags tst-the-test.elf but I suppose you can still exec() ld.so from the test.