2018-06-13 14:12:52 -04:00
|
|
|
#!/usr/bin/env bash
|
2018-06-05 01:01:18 -04:00
|
|
|
|
|
|
|
set -ex
|
2018-06-06 14:34:04 -04:00
|
|
|
set -o pipefail
|
2018-06-05 01:01:18 -04:00
|
|
|
|
|
|
|
if ! command -v curl &> /dev/null; then
|
|
|
|
echo >&2 'error: "curl" not found!'
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
if ! command -v gpg &> /dev/null; then
|
|
|
|
echo >&2 'error: "gpg" not found!'
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
GOSU_VERSION=1.10
|
|
|
|
dpkgArch=$(if test $(uname -m) = "x86_64"; then echo amd64; else echo i386; fi)
|
|
|
|
url="https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${dpkgArch}"
|
|
|
|
url_key="https://github.com/tianon/gosu/releases/download/${GOSU_VERSION}/gosu-${dpkgArch}.asc"
|
|
|
|
|
|
|
|
# download and verify the signature
|
|
|
|
export GNUPGHOME="$(mktemp -d)"
|
|
|
|
|
2018-06-06 14:34:04 -04:00
|
|
|
gpg --keyserver hkp://pool.sks-keyservers.net:80 --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 || \
|
|
|
|
gpg --keyserver hkp://pgp.key-server.io:80 --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 || \
|
|
|
|
gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4
|
2018-06-05 01:01:18 -04:00
|
|
|
|
|
|
|
echo "Downloading $url"
|
|
|
|
curl -o /usr/local/bin/gosu -# -SL $url
|
|
|
|
|
|
|
|
echo "Downloading $url_key"
|
|
|
|
curl -o /usr/local/bin/gosu.asc -# -SL $url_key
|
|
|
|
|
|
|
|
gpg --verify /usr/local/bin/gosu.asc
|
|
|
|
|
2019-04-22 16:18:16 +00:00
|
|
|
# cleanup -- need to kill agent so that there is no race condition for
|
2019-04-22 18:29:35 +00:00
|
|
|
# agent files in $GNUPGHOME. Only need to do this on newer distros
|
2019-05-22 13:13:13 -04:00
|
|
|
# with gpgconf installed supporting the option.
|
2019-04-22 18:29:35 +00:00
|
|
|
GPGCONF_BIN="$(command -v gpgconf)" || true
|
2019-05-22 13:13:13 -04:00
|
|
|
if [ -n "$GPGCONF_BIN" ] && [ -x $GPGCONF_BIN ] && [[ $($GPGCONF_BIN --help | grep -- "--kill" || true) != "" ]]; then
|
|
|
|
gpgconf --kill gpg-agent
|
2019-04-22 18:29:35 +00:00
|
|
|
fi
|
|
|
|
|
2018-06-05 01:01:18 -04:00
|
|
|
rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc
|
|
|
|
|
|
|
|
chmod +x /usr/local/bin/gosu
|
|
|
|
|
|
|
|
# verify that the binary works
|
|
|
|
gosu nobody true
|
2018-06-06 20:00:46 -04:00
|
|
|
|
|
|
|
|
|
|
|
cat << EOF >> /usr/bin/sudo
|
|
|
|
#!/bin/sh
|
|
|
|
|
|
|
|
# Emulate the sudo command
|
|
|
|
|
|
|
|
exec gosu root:root "\$@"
|
|
|
|
|
|
|
|
EOF
|
|
|
|
|
|
|
|
chmod +x /usr/bin/sudo
|