パッケージ: gosu (1.10-1ubuntu0.20.04.2)

Simple Go-based setuid+setgid+setgroups+exec

This is a simple tool grown out of the simple fact that "su" and "sudo" have very strange and often annoying TTY and signal-forwarding behavior. They're also somewhat complex to setup and use (especially in the case of "sudo"), which allows for a great deal of expressivity, but falls flat if all you need is "run this specific application as this specific user and get out of the pipeline".

The core of how "gosu" works is stolen directly from how Docker/libcontainer itself starts an application inside a container (and in fact, is using the "/etc/passwd" processing code directly from libcontainer's codebase).

Once the user/group is processed, we switch to that user, then we "exec" the specified process and "gosu" itself is no longer resident or involved in the process lifecycle at all. This avoids all the issues of signal passing and TTY, and punts them to the process invoking "gosu" and the process being invoked by "gosu", where they belong.