Bug#796477: ITP: gosu -- Simple Go-based setuid+setgid+setgroups+exec
Package: wnpp
Severity: wishlist
Owner: Tianon Gravi <tianon@debian.org>
X-Debbugs-CC: paultag@debian.org
* Package name : gosu
Version : 1.4-1
Upstream Author : Tianon Gravi
* URL : https://github.com/tianon/gosu
* License : GPL-3+
Programming Lang: Go
Description : Simple Go-based setuid+setgid+setgroups+exec
This is a simple tool grown out of the simple fact that "su" and "sudo" have
very strange and often annoying TTY and signal-forwarding behavior. They're
also somewhat complex to setup and use (especially in the case of "sudo"),
which allows for a great deal of expressivity, but falls flat if all you need
is "run this specific application as this specific user and get out of the
pipeline".
.
The core of how "gosu" works is stolen directly from how Docker/libcontainer
itself starts an application inside a container (and in fact, is using the
"/etc/passwd" processing code directly from libcontainer's codebase).
.
Once the user/group is processed, we switch to that user, then we "exec" the
specified process and "gosu" itself is no longer resident or involved in the
process lifecycle at all. This avoids all the issues of signal passing and TTY,
and punts them to the process invoking "gosu" and the process being invoked by
"gosu", where they belong.
I'm packaging this specifically because I've had multiple folks (DDs and
non-DDs alike) request that I do so. :)
♥,
- Tianon
4096R / B42F 6819 007F 00F8 8E36 4FD4 036A 9C25 BF35 7DD4
Reply to: