The `s6-sudoc` program

s6-sudoc talks to a peer s6-sudod program over a Unix socket, passing it command-line arguments, environment variables and standard descriptors.

Interface

     s6-sudoc [ -e ] [ -t timeoutconn ] [ -T timeoutrun ] [ args... ]

s6-sudoc transmits its standard input, standard output and standard error via fd-passing over a Unix socket that must be open on its descriptors 6 and 7. It expects a s6-sudod process to be receiving them on the other side.
It also transmits its command-line arguments args, and also its environment by default. Note that s6-sudod will not necessarily accept all the environment variables that s6-sudoc tries to transmit.
s6-sudoc waits for the server program run by s6-sudod to finish. It exits the same exit code as the server program. If the server program is killed by a signal, s6-sudoc kills itself with the same signal.

-e : do not attempt to transmit any environment variables to s6-sudod.
-t timeoutconn : if s6-sudod has not managed to process the given information and start the server program after timeoutconn milliseconds, give up. By default, timeoutconn is 0, meaning infinite. Note that there is no reason to set up a nonzero timeoutconn with a large value: s6-sudod is not supposed to block. The option is only there to protect against ill-written services.
-T timeoutrun : if the server program has not exited after timeoutrun milliseconds, give up. By default, timeoutrun is 0, meaning infinite.

If s6-sudoc is killed, or exits after timeoutrun milliseconds, while the server program is still running, s6-sudod will send a SIGTERM and a SIGCONT to the server program - but this does not guarantee that it will die. If the server program keeps running, it might still read from the file that was s6-sudoc's stdin, or write to the files that were s6-sudod's stdout or stderr. This is a potential security risk. Administrators should audit their server programs to make sure this does not happen.
More generally, anything using signals or terminals will not be handled transparently by the s6-sudoc + s6-sudod mechanism. The mechanism was designed to allow programs to gain privileges in specific situations: short-lived, simple, noninteractive processes. It was not designed to emulate the full suid functionality and will not go out of its way to do so.