Backport install-gosu-binary-wrapper from dockbuid

To ensure that our custom sudo wrapper is not
overwritten by a future re-install of sudo, it
is created in /usr/loca/bin

See https://github.com/dockbuild/dockbuild/issues/52

common.debian

@@ -1,5 +1,8 @@
 # Image build scripts
-COPY imagefiles/install-gosu-binary.sh /buildscripts/
+COPY \
+  imagefiles/install-gosu-binary.sh \
+  imagefiles/install-gosu-binary-wrapper.sh \
+  /buildscripts/
 
 ARG DEBIAN_FRONTEND=noninteractive
 ARG REPO=http://cdn-fastly.deb.debian.org
@@ -45,4 +48,5 @@ RUN \
   && \
   apt-get clean --yes && \
   /buildscripts/install-gosu-binary.sh && \
+  /buildscripts/install-gosu-binary-wrapper.sh && \
   rm -rf /buildscripts

common.manylinux

@@ -1,6 +1,7 @@
 # Image build scripts
 COPY \
   imagefiles/install-gosu-binary.sh \
+  imagefiles/install-gosu-binary-wrapper.sh \
   manylinux-common/install-python-packages.sh \
   /buildscripts/
 
@@ -16,8 +17,9 @@ RUN \
     wget \
     zip \
   && \
-	yum clean all && \
-	/buildscripts/install-gosu-binary.sh && \
+  yum clean all && \
+  /buildscripts/install-gosu-binary.sh && \
+  /buildscripts/install-gosu-binary-wrapper.sh && \
   # Remove sudo provided by "devtoolset-2" and "devtoolset-8" since it doesn't work with
   # our sudo wrapper calling gosu.
   rm -f /opt/rh/devtoolset-2/root/usr/bin/sudo && \

imagefiles/install-gosu-binary-wrapper.sh

@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+set -ex
+set -o pipefail
+
+if ! command -v gosu &> /dev/null; then
+	echo >&2 'error: "gosu" not found!'
+	exit 1
+fi
+
+# verify that the binary works
+gosu nobody true
+
+# To ensure that our custom sudo wrapper is not
+# overwritten by a future re-install of sudo, it
+# is created in /usr/loca/bin
+
+cat << EOF >> /usr/local/bin/sudo
+#!/bin/sh
+# Emulate the sudo command
+exec gosu root:root "\$@"
+EOF
+
+chmod +x /usr/local/bin/sudo
+

imagefiles/install-gosu-binary.sh

@@ -44,18 +44,3 @@ fi
 rm -r "$GNUPGHOME" /usr/local/bin/gosu.asc
 
 chmod +x /usr/local/bin/gosu
-
-# verify that the binary works
-gosu nobody true
-
-
-cat << EOF >> /usr/bin/sudo
-#!/bin/sh
-
-# Emulate the sudo command
-
-exec gosu root:root "\$@"
-
-EOF
-
-chmod +x /usr/bin/sudo

web-wasm/Dockerfile.in

@@ -5,7 +5,7 @@ MAINTAINER Matt McCormick "matt.mccormick@kitware.com"
 # See https://github.com/asRIA/emscripten-docker/blob/master/Dockerfile.in#L4
 RUN rm /bin/sh && ln -s /bin/dash /bin/sh
 
-COPY install-gosu-sudo.sh /buildscripts/
+COPY imagefiles/install-gosu-binary-wrapper.sh /buildscripts/
 
 ARG DEBIAN_FRONTEND=noninteractive
 ARG REPO=http://cdn-fastly.deb.debian.org
@@ -51,7 +51,7 @@ RUN \
     zlib1g-dev \
   && \
   apt-get clean --yes && \
-  /buildscripts/install-gosu-sudo.sh && \
+  /buildscripts/install-gosu-binary-wrapper.sh && \
   rm -rf /buildscripts
 
 #include "common.docker"

web-wasm/install-gosu-sudo.sh

@@ -1,16 +0,0 @@
-#!/usr/bin/env bash
-
-# verify that the binary works
-gosu nobody true
-
-
-cat << EOF >> /usr/bin/sudo
-#!/bin/sh
-
-# Emulate the sudo command
-
-exec gosu root:root "\$@"
-
-EOF
-
-chmod +x /usr/bin/sudo