Fails to detect shell in docker containers run with rosetta on Apple Silicon

[Moomboh]

Description

shellingham currently fails to detect shells inside docker containers running with the [Docker Desktop option to run x86 binaries with rosetta]([Docker Desktop for Mac] - Support for running x86-64 binaries with Rosetta 2). This is due to the fact that in this case the proc_args have /rosetta/rosetta as their first element and the second element is the actual shell, which currently isn't checked by shellingham.

Minimal Reproducible Example

Requires an Apple Silicon machine with Docker Desktop installed and the option "Use Rosetta for x86/amd64 emulation on Apple Silicon" enabled as in the following screenshot:

Using the following Dockerfile:

FROM --platform=linux/amd64 debian:bullseye

RUN set -ex && \
    apt-get update && \
    apt-get -y install \
    python3 \
    python3-pip \
    && rm -rf /var/lib/apt/lists/* && \
    pip3 install shellingham

Then open a shell in that docker container with

docker build . -t shellingham-rosetta-bug-mre && docker run --platform=linux/amd64 -it shellingham-rosetta-bug-mre /bin/bash

and finally in the container try to detect the shell with shellingham

python3 -c 'import shellingham; print(shellingham.detect_shell())'

[Moomboh]

Just noticed this is related to or a duplicate of #55 although there it seems to be the case that it doesn't consider qemu-x86_64 being the first process_arg.