This program is simply unusable or unsuitable within a container, except in trivial cases. So, in the description we see that it's much smaller than go-sub; but the program fails to handle the parent terminal correctly. Without this, when the program tries to output to stderr directly, it fails, whether or not the container is executed with a terminal.
I see this is related to or identical to #33. This problem should be addressed. At minimum, update the documentation, that this program is not suitable to be run from an entrypoint in a container when stdout or stdin is needed.
Several work-arounds have been proposed, including adding the target-user to the tty group, but this doesn't actually work when tty is not used. Example below is a container that adds the www-data user to the tty group. When -t is not given, an error is the result.
$ docker run --rm -u 0:0 -t alpine-test:0.0.1 su-exec www-data bash -c 'echo >/dev/stderr test'
test
$ docker run --rm -u 0:0 alpine-test:0.0.1 su-exec www-data bash -c 'echo >/dev/stderr test'
bash: line 1: /dev/stderr: Permission denied
There are multiple subtleties to this problem and potential resolutions. Please take care it can be used to, for instance, run apache within a container, when that container is run as root, but in which entrypoint changes the user. (Yes, Apache can do this on its own, but there are times it is required to do this for the container itself).
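Added example, not part of the issue text or of su-exec: on Linux, `>/dev/stderr` calls open() on `/proc/self/fd/2`, which is permission-checked against the owner and mode of the underlying pipe, tty or file, while `>&2` only duplicates the descriptor already held. The function names below are hypothetical; the script probes whether the current uid can re-open fd 2 and gives a log helper that does not depend on it.

```shell
#!/bin/sh
# Added example: diagnose "/dev/stderr: Permission denied" after a uid change.
# All function names are hypothetical helpers, not part of su-exec.

# Return 0 if the current uid can open() the object behind fd 2 by path.
stderr_reopenable() {
    # Probe a duplicate (fd 9) so the shell's own error message can be sent
    # to /dev/null without changing what is probed. '>>' avoids truncation.
    ( exec 9>&2 2>/dev/null; : >>/proc/self/fd/9 )
}

# Print "<owner-uid>:<octal-mode>" of the object behind fd 2.
stderr_owner_mode() {
    stat -L -c '%u:%a' /proc/self/fd/2
}

# Log through the inherited descriptor; no open() and no permission check.
log_err() {
    printf '%s\n' "$*" >&2
}

# One-line report, meant to be run as the target user inside the container.
report_stderr() {
    if stderr_reopenable; then
        echo "uid $(id -u): fd 2 ($(stderr_owner_mode)) can be re-opened by path"
    else
        echo "uid $(id -u): fd 2 ($(stderr_owner_mode)) cannot be re-opened; write with >&2"
    fi
}

report_stderr
```

This only helps for scripts you control; a program configured to open `/dev/stderr` by path still needs the descriptor's owner or mode to allow it.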