Skip to content

Add official setpriv-wrapper.sh which implements gosu in pure POSIX shell via setpriv#143

Open
tianon wants to merge 1 commit intotianon:masterfrom
self-five:setpriv-wrapper
Open

Add official setpriv-wrapper.sh which implements gosu in pure POSIX shell via setpriv#143
tianon wants to merge 1 commit intotianon:masterfrom
self-five:setpriv-wrapper

Conversation

@tianon
Copy link
Owner

@tianon tianon commented Jun 3, 2024

This promotes setpriv to the official (coveted) "top" spot in the list of Alternatives.

@tianon tianon force-pushed the setpriv-wrapper branch 2 times, most recently from 8903867 to 3c1fd16 Compare June 3, 2024 22:15
@tianon
Copy link
Owner Author

tianon commented Jun 17, 2024

I think "fragile" is probably the best description of this code. It definitely does The Thing, but probably not the best answer for an actual "load bearing" component of another system, so perhaps I should leave this as-is and only include the README shuffling? Perhaps even with a reference to this PR for users who really want to dig themselves a hole? 🤔

@grooverdan
Copy link

FWIW SUSE folks have gone the setpriv approach https://github.com/SUSE/BCI-dockerfile-generator/blob/main/src/bci_build/package/mariadb.py#L20-L31

@tianon
Copy link
Owner Author

tianon commented Nov 26, 2024

I don't love the implementation, but it's fine -- however, I really find it offputting that they call it gosu and think they should give it a different name. It is not even "gosu compatible" as written (for that, they'd need to use something like the script I've got in this PR, but even then shouldn't be called "gosu"). I've got a pretty extensive test suite of the edge cases of the gosu/Docker/libcontainer/runc "users" parsing here that I've successfully run the script in this PR through.

Edit: dug in to find the place it was added and raised this with those folks in SUSE/BCI-dockerfile-generator#963 (comment)

Edit 2: now in SUSE/BCI-dockerfile-generator#2070

Edit 3: and done/renamed in SUSE/BCI-dockerfile-generator#2134

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants