start_stop_daemon: set complementary group ids too. Closes 3253

Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>

2 files changed, 11 insertions, 3 deletions

diff --git a/debianutils/start_stop_daemon.c b/debianutils/start_stop_daemon.c
index bc61959d2..02609c04f 100644
--- a/debianutils/start_stop_daemon.c
+++ b/debianutils/start_stop_daemon.c
@@ -502,8 +502,16 @@ int start_stop_daemon_main(int argc UNUSED_PARAM, char **argv)
         if (opt & OPT_c) {
                 struct bb_uidgid_t ugid = { -1, -1 };
                 parse_chown_usergroup_or_die(&ugid, chuid);
-                if (ugid.gid != (gid_t) -1) xsetgid(ugid.gid);
-                if (ugid.uid != (uid_t) -1) xsetuid(ugid.uid);
+                if (ugid.uid != (uid_t) -1) {
+                        struct passwd *pw = xgetpwuid(ugid.uid);
+                        if (ugid.gid != (gid_t) -1)
+                                pw->pw_gid = ugid.gid;
+                        /* initgroups, setgid, setuid: */
+                        change_identity(pw);
+                } else if (ugid.gid != (gid_t) -1) {
+                        xsetgid(ugid.gid);
+                        setgroups(1, &ugid.gid);
+                }
         }
 #if ENABLE_FEATURE_START_STOP_DAEMON_FANCY
         if (opt & OPT_NICELEVEL) {
diff --git a/networking/inetd.c b/networking/inetd.c
index fc6847bb5..26b66992d 100644
--- a/networking/inetd.c
+++ b/networking/inetd.c
@@ -1414,7 +1414,7 @@ int inetd_main(int argc UNUSED_PARAM, char **argv)
                                 bb_error_msg("non-root must run services as himself");
                                 goto do_exit1;
                         }
-                        if (pwd->pw_uid) {
+                        if (pwd->pw_uid != 0) {
                                 if (sep->se_group)
                                         pwd->pw_gid = grp->gr_gid;
                                 /* initgroups, setgid, setuid: */