common: Use gosu to replace chpst and add sudo abilities

From: https://github.com/tianon/gosu
2025-06-10 21:19:26 +02:00 · 2017-04-22 20:52:31 -04:00
parent 6c77167ad6
commit 4c3612da2b
5 changed files with 43 additions and 14 deletions
--- a/common.manylinux
+++ b/common.manylinux
@ -1,15 +1,22 @@
-RUN cd /opt && \
-  wget --progress=bar:force "http://smarden.org/runit/runit-2.1.2.tar.gz" && \
-  tar xvzf runit-2.1.2.tar.gz && \
-  cd admin/runit-2.1.2 && \
-  ./package/install
+ENV GOSU_VERSION 1.10
+RUN set -x \
+	&& yum -y install epel-release \
+	&& yum -y install wget gpg \
+	&& dpkgArch=$(if test $(uname -m) = "x86_64"; then echo amd64; else echo i386; fi) \
+	&& wget -O /usr/bin/gosu "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch" \
+	&& wget -O /tmp/gosu.asc "https://github.com/tianon/gosu/releases/download/$GOSU_VERSION/gosu-$dpkgArch.asc" \
+	&& export GNUPGHOME="$(mktemp -d)" \
+	&& gpg --keyserver ha.pool.sks-keyservers.net --recv-keys B42F6819007F00F88E364FD4036A9C25BF357DD4 \
+	&& gpg --batch --verify /tmp/gosu.asc /usr/bin/gosu \
+	&& rm -r "$GNUPGHOME" /tmp/gosu.asc \
+	&& chmod +x /usr/bin/gosu \
+	&& gosu nobody true \
+	&& yum clean all

 COPY manylinux-common/install-python-packages.sh /usr/local/bin
 RUN /usr/local/bin/install-python-packages.sh

 COPY manylinux-common/pre_exec.sh /dockcross/pre_exec.sh

-RUN yum -y install pax zip sudo && \
-  sed -i 's/Defaults    requiretty/#Defaults    requiretty/' /etc/sudoers && \
-  visudo -c
-
+RUN yum -y install pax zip \
+  && yum clean all