nix::unistd

Function setgroups

Source
pub fn setgroups(groups: &[Gid]) -> Result<()>
Expand description

Set the list of supplementary group IDs for the calling process.

Further reading

Note: This function is not available for Apple platforms. On those platforms, group membership management should be achieved via communication with the opendirectoryd service.

ยงExamples

setgroups can be used when dropping privileges from the root user to a specific user and group. For example, given the user www-data with UID 33 and the group backup with the GID 34, one could switch the user as follows:

let uid = Uid::from_raw(33);
let gid = Gid::from_raw(34);
setgroups(&[gid])?;
setgid(gid)?;
setuid(uid)?;