Function nix::unistd::initgroups
source · pub fn initgroups(user: &CStr, group: Gid) -> Result<()>Expand description
Initialize the supplementary group access list.
Sets the supplementary group IDs for the calling process using all groups
that user is a member of. The additional group group is also added to
the list.
Note: This function is not available for Apple platforms. On those
platforms, group membership management should be achieved via communication
with the opendirectoryd service.
§Examples
initgroups can be used when dropping privileges from the root user to
another user. For example, given the user www-data, we could look up the
UID and GID for the user in the system’s password database (usually found
in /etc/passwd). If the www-data user’s UID and GID were 33 and 33,
respectively, one could switch the user as follows:
let user = CString::new("www-data").unwrap();
let uid = Uid::from_raw(33);
let gid = Gid::from_raw(33);
initgroups(&user, gid)?;
setgid(gid)?;
setuid(uid)?;