Rocksolid Light

News from da outaworlds

mail  files  register  groups  login

Message-ID:  

BOFH excuse #213: Change your language to Finnish.

comp / comp.unix.programmer / Re: initgroups/ getgrouplist why additional group?

SubjectAuthor
* initgroups/ getgrouplist why additional group?Rainer Weikusat
`- Re: initgroups/ getgrouplist why additional group?vallor

1
Subject: initgroups/ getgrouplist why additional group?
From: Rainer Weikusat
Newsgroups: comp.unix.programmer
Date: Wed, 22 May 2024 21:17 UTC
Path: eternal-september.org!news.eternal-september.org!feeder3.eternal-september.org!fu-berlin.de!uni-berlin.de!individual.net!not-for-mail
From: rweikusat@talktalk.net (Rainer Weikusat)
Newsgroups: comp.unix.programmer
Subject: initgroups/ getgrouplist why additional group?
Date: Wed, 22 May 2024 22:17:53 +0100
Lines: 23
Message-ID: <874japwnpa.fsf@doppelsaurus.mobileactivedefense.com>
Mime-Version: 1.0
Content-Type: text/plain
X-Trace: individual.net Rk8XnrX8SzznzAeJI/bVawn8GmqHqVkHV/+2bvdSjtn4b5xTU=
Cancel-Lock: sha1:qOaZi8qRZkI1RuR9aggl1tUzUPI= sha1:0B6Qm0L/GMTHcgjxDQP1uW+jNBM= sha256:rP4SO2lsMvoAu2N21aFBEQK6Oa8qCL7wkXbFmOKbcP8=
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)
View all headers

The initgroups and getgrouplist functions take an additional gid
argument and this gid is added to the set of returned groups
(getgrouplist) or groups the supplementary group list is set to
(initgroups). Man pages for the latter typically say something like

This is typically the real group ID from the user database.

about the additional gid argument.

One could argue that the additional
gid argument to getgroupslist makes some sense because it's supposed to
return all groups the user is member of, although that's still a weird
interface. But for initgroups, this gid will end up on the supplementary
groups list of the process, taking up one of the available slots there,
despite this isn't necessary (on Linux at least) when - as suggested by
the manpage - the passed value is the user's primary group which will
usually be (or need to become if a persona change is supposed to take
place) the (e)gid of the process.

I assume this additional argument is good for something in some
situation, however, I have no idea what this something and said
situation could be. Does anybody know more about this and would be
willing to share it?

Subject: Re: initgroups/ getgrouplist why additional group?
From: vallor
Newsgroups: comp.unix.programmer
Organization: A noiseless patient Spider
Date: Sun, 26 May 2024 06:14 UTC
References: 1
Path: eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: vallor@cultnix.org (vallor)
Newsgroups: comp.unix.programmer
Subject: Re: initgroups/ getgrouplist why additional group?
Date: Sun, 26 May 2024 06:14:29 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 46
Message-ID: <v2uk05$39rpp$1@dont-email.me>
References: <874japwnpa.fsf@doppelsaurus.mobileactivedefense.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 26 May 2024 08:14:29 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="44dd6954026dca7159ad45b2345fa285";
logging-data="3469113"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18YsaFS4hEEjK2VtCH6t4L0"
User-Agent: Pan/0.158 (Avdiivka; 9555b5e; Linux-6.9.1)
Cancel-Lock: sha1:WBJb1QQtLsAnhyq0ZeE27fWNVSc=
X-Face: \}2`P"_@pS86<'EM:'b.Ml}8IuMK"pV"?FReF$'c.S%u9<Q#U*4QO)$l81M`{Q/n
XL'`91kd%N::LG:=*\35JS0prp\VJN^<s"b#bff@fA7]5lJA.jn,x_d%Md$,{.EZ
View all headers

On Wed, 22 May 2024 22:17:53 +0100, Rainer Weikusat
<rweikusat@talktalk.net> wrote in
<874japwnpa.fsf@doppelsaurus.mobileactivedefense.com>:

> The initgroups and getgrouplist functions take an additional gid
> argument and this gid is added to the set of returned groups
> (getgrouplist) or groups the supplementary group list is set to
> (initgroups). Man pages for the latter typically say something like
>
> This is typically the real group ID from the user database.
>
> about the additional gid argument.
>
> One could argue that the additional gid argument to getgroupslist makes
> some sense because it's supposed to return all groups the user is member
> of, although that's still a weird interface. But for initgroups, this
> gid will end up on the supplementary groups list of the process, taking
> up one of the available slots there, despite this isn't necessary (on
> Linux at least) when - as suggested by the manpage - the passed value is
> the user's primary group which will usually be (or need to become if a
> persona change is supposed to take place) the (e)gid of the process.
>
> I assume this additional argument is good for something in some
> situation, however, I have no idea what this something and said
> situation could be. Does anybody know more about this and would be
> willing to share it?

Beats me why it's done this way, but thought I'd point out that
on Linux, NGROUPS_MAX -- though it used to be only 16 -- is now
65536.

Just checked MacOS though -- there, it is still 16.

#include <stdio.h>
#include <limits.h>

int main (void)
{

printf("%d\n",NGROUPS_MAX);

return 0;
}

--
-v

1

rocksolid light 0.9.8
clearnet tor