H,
I'm re-working some container images that have been running the containers as root, which is non-ideal for security. I'm using the su-exec package (available through apk here) to run a bunch of commands that would require a superuser but are called with a non-root user that makes use of su-exec; note that this package is basically gosu that takes up less space.
To test out the command out I ran and exec'd into an alpine container with su-exec added via apk but I can't seem to run anything and continue to get the error
su-exec: setgroups: Operation not permitted
when simple commands like apk add <pkg> or sh are run with the non-root user:
$ su-exec root apk add --no-cache curl
su-exec: setgroups: Operation not permitted
$ su-exec root sh
su-exec: setgroups: Operation not permitted
$ su-exec --help
Usage: su-exec user-spec command [args]
Any insight is much appreciated!
