From mboxrd@z Thu Jan  1 00:00:00 1970
X-Msuck: nntp://news.gmane.io/gmane.comp.sysutils.supervision.general/2668
Path: news.gmane.org!.POSTED.blaine.gmane.org!not-for-mail
From: Jeff <sysinit@yandex.com>
Newsgroups: gmane.comp.sysutils.supervision.general
Subject: Re: chpst -u and supplementary groups
Date: Wed, 28 Aug 2019 01:44:36 +0200
Message-ID: <4779971566949476@vla4-d1c3bcedfacb.qloud-c.yandex.net>
Mime-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
Injection-Info: blaine.gmane.org; posting-host="blaine.gmane.org:195.159.176.226";
	logging-data="77870"; mail-complaints-to="usenet@blaine.gmane.org"
To: init <supervision@list.skarnet.org>
Original-X-From: supervision-return-2258-gcsg-supervision=m.gmane.org@list.skarnet.org Wed Aug 28 01:44:43 2019
Return-path: <supervision-return-2258-gcsg-supervision=m.gmane.org@list.skarnet.org>
Envelope-to: gcsg-supervision@m.gmane.org
Original-Received: from alyss.skarnet.org ([95.142.172.232])
	by blaine.gmane.org with smtp (Exim 4.89)
	(envelope-from <supervision-return-2258-gcsg-supervision=m.gmane.org@list.skarnet.org>)
	id 1i2l8k-000KBQ-VU
	for gcsg-supervision@m.gmane.org; Wed, 28 Aug 2019 01:44:43 +0200
Original-Received: (qmail 25606 invoked by uid 89); 27 Aug 2019 23:45:05 -0000
Mailing-List: contact supervision-help@list.skarnet.org; run by ezmlm
Original-Sender: <supervision@list.skarnet.org>
Precedence: bulk
List-Post: <mailto:supervision@list.skarnet.org>
List-Help: <mailto:supervision-help@list.skarnet.org>
List-Unsubscribe: <mailto:supervision-unsubscribe@list.skarnet.org>
List-Subscribe: <mailto:supervision-subscribe@list.skarnet.org>
List-Id: <supervision.list.skarnet.org>
Original-Received: (qmail 25599 invoked from network); 27 Aug 2019 23:45:05 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.com; s=mail; t=1566949476;
	bh=vY1XgtTRm7l2bq44rsazPla8ut2iA+cK/l7Wb1LNbC4=;
	h=Message-Id:Date:Subject:To:From;
	b=ClRGRn7Pd2vHPoI1CEzQ0VZH3XkvUtlWojHmyY0+pzEnL3UxLlIxJR7QQT/u3PJ5w
	 qfDa5GOC10WCQyptGfC+VUjEd/dNsywJTc5HtcVKekzotDy0m9sVDcIy/5IMK5Om+v
	 Eln8jIv5IrnwbAsSJfWOpwaE3QQ9+w6TXFpS8oHk=
Authentication-Results: mxback3q.mail.yandex.net; dkim=pass header.i=@yandex.com
X-Mailer: Yamail [ http://yandex.ru ] 5.0
Xref: news.gmane.org gmane.comp.sysutils.supervision.general:2668
Archived-At: <http://permalink.gmane.org/gmane.comp.sysutils.supervision.general/2668>

> Apparently everyone re-implementing daemontools does something like
> this. So that brings me back to my original question:
> is there consensus that the historical behaviour is a bug?

no, this is no bug.

> Or are there valid use cases?

most of the time one does not want the subprocess to run under
additional GIDs, so that is a sane default behaviour.

obviously there should be an option that makes "chpst" add all
supplementary GIDs the UID belongs to, though
(when this is desired by the user).

would not be too much work to add such a commandline option to it.