From d8968d136a89dba124974d3f4a1de03bba20452d Mon Sep 17 00:00:00 2001
From: "Hongli Lai (Phusion)" <hongli@phusion.nl>
Date: Sat, 15 Feb 2014 10:18:39 +0100
Subject: [PATCH] Improve setuser: set auxilliary groups and more environment
 variables

---
 Changelog.md  |  1 +
 image/setuser | 34 ++++++++++++++++++++++++----------
 2 files changed, 25 insertions(+), 10 deletions(-)

diff --git a/Changelog.md b/Changelog.md
index 8cc0b8c..e78730f 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -4,6 +4,7 @@
  * Much improved `my_init`:
    * It is now possible to run and watch a custom command, possibly in addition to running runit. See "Running a one-shot command in the container" in the README.
    * It is now possible to skip running startup files such as /etc/rc.local.
+ * `setuser` now also set auxilliary groups, as well as more environment variables such as `USER` and `UID`.
 
 ## 0.9.5 (release date: 2014-02-06)
 
diff --git a/image/setuser b/image/setuser
index f76692e..f841bbe 100755
--- a/image/setuser
+++ b/image/setuser
@@ -1,12 +1,26 @@
-#!/bin/bash
-set -e
+#!/usr/bin/python2
+import sys, os, pwd
 
-user="$1"
-shift
+if len(sys.argv) < 3:
+	sys.stderr.write("Usage: /sbin/setuser USERNAME COMMAND [args..]\n")
+	sys.exit(1)
 
-if [[ "$user" == "root" ]]; then
-	export HOME=/root
-else
-	export HOME=/home/$user
-fi
-exec chpst -u "$user" "$@"
+def abort(message):
+	sys.stderr.write("setuser: %s\n" % message)
+	sys.exit(1)
+
+username = sys.argv[1]
+try:
+	user = pwd.getpwnam(username)
+except KeyError:
+	abort("user %s not found" % username)
+os.initgroups(username, user.pw_gid)
+os.setgid(user.pw_gid)
+os.setuid(user.pw_uid)
+os.environ['USER'] = username
+os.environ['HOME'] = user.pw_dir
+os.environ['UID']  = str(user.pw_uid)
+try:
+	os.execvp(sys.argv[2], sys.argv[2:])
+except OSError as e:
+	abort("cannot execute %s: %s" % (sys.argv[2], str(e)))