You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This is a simple tool that will simply execute a program with different
privileges. The program will be executed directly and not run as a child,
like su and sudo does, which avoids TTY and signal issues (see below).
Notice that su-exec depends on being run by the root user, non-root
users do not have permission to change uid/gid.
Usage
su-exec user-spec command [ arguments... ]
user-spec is either a user name (e.g. nobody) or user name and group
name separated with colon (e.g. nobody:ftp). Numeric uid/gid values
can be used instead of names. Example:
Notice how su will make ps be a child of a shell while su-exec
just executes ps directly.
$ docker run -it --rm alpine:edge su postgres -c 'ps aux'
PID USER TIME COMMAND
1 postgres 0:00 ash -c ps aux
12 postgres 0:00 ps aux
$ docker run -it --rm -v $PWD/su-exec:/sbin/su-exec:ro alpine:edge su-exec postgres ps aux
PID USER TIME COMMAND
1 postgres 0:00 ps aux
Why reinvent gosu?
This does more or less exactly the same thing as gosu
but it is only 10kb instead of 1.8MB.
