[Hampshire] wierd group issue

I've just been banging my head against lurker (mailing list program we
use on hantslug) as it had stopped working.

I've diagnosed what's wrong, but have very little clue as to _why_.

The box runs exim as a mailserver and that runs as the Debian-exim user:

$ id Debian-exim
uid=102(Debian-exim) gid=102(Debian-exim)
groups=102(Debian-exim),105(lurker),106(greylist)

After the upgrade and reboot (no nscd installed BTW), we had this
lurker issue so I shoved this little naff wrapper around the process:

ps -ef >> /tmp/apb.$$
/usr/bin/id >> /tmp/apb.$$
strace -f -o /tmp/strace.$$ /usr/bin/lurker-index "$@"

This shows:
* exim and this process running as Debian-exim
* id reports "uid=102(Debian-exim) gid=102(Debian-exim)"
** what on earth happened to the other groups!
* strace shows permission denied (see above)

How on earth is it dropping those other groups? The only thing I can
think of is that exim's use of setgid/setpgid is doing it. I'll
certainly admit that reading those manpages can get your head in a
twist so I wondered if anyone can shine a light on it?

I've just dug out my copy of Stevens and it says (bottom of P241):
"The supplementary group IDs are not affected by setgid, setregid or
setegid".

$ grep et exim.strace |grep id |grep -v pid
11552 geteuid32()                       = 102
11552 geteuid32()                       = 0
11552 getuid32()                        = 102
11552 getgid32()                        = 102
11552 getegid32()                       = 102
11552 geteuid32()                       = 0
11552 geteuid32()                       = 0
11552 getegid32()                       = 102
11552 setgid32(102)                     = 0
11552 setuid32(0)                       = 0
11552 setgid32(102)                     = 0
11553 geteuid32()                       = 0
11553 getegid32()                       = 102
11553 setgid32(102)                     = 0
11553 setuid32(102)                     = 0
11554 setpgid(0, 0)                     = 0
11554 getuid32()                        = 102
11554 getgid32()                        = 102
11554 geteuid32()                       = 102
11554 getegid32()                       = 102
11555 geteuid32()                       = 102
11557 geteuid32()                       = 102
11557 getuid32()                        = 102
11557 getegid32()                       = 102
11557 getgid32()                        = 102
11558 geteuid32()                       = 102
11558 getuid32()                        = 102
11558 getegid32()                       = 102
11558 getgid32()                        = 102
11559 geteuid32()                       = 102
11559 getuid32()                        = 102
11559 getegid32()                       = 102
11559 getgid32()                        = 102
11561 geteuid32()                       = 102
11561 getuid32()                        = 102
11561 getegid32()                       = 102
11561 getgid32()                        = 102
11562 geteuid32()                       = 102
11562 getuid32()                        = 102
11562 getegid32()                       = 102
11562 getgid32()                        = 102
11563 getuid32()                        = 102
11563 getgid32()                        = 102
11563 geteuid32()                       = 102
11563 getuid32()                        = 102
11563 geteuid32()                       = 102
11563 getuid32()                        = 102
11552 geteuid32()                       = 0
11552 getegid32()                       = 102
11552 setgid32(102)                     = 0
11552 setuid32(102)                     = 0

Adrian
--
bitcube.co.uk - Expert Linux infrastructure consultancy
Puppet, Debian, Red Hat, Ubuntu, CentOS