27 Feb
2020
27 Feb
'20
1:49 p.m.
On Thu, 27 Feb 2020, Ondrej Zajicek wrote:
You need group foo to access /var/lib/foo/, that is part of secondary groups for bird user (as reported by 'id') and these secondary groups are assigned e.g. when 'su - bird' is used.
But when you run 'bird -u bird -g bird', it only set UID (-u) and GID (-g), not secondary groups, so bird daemon does not have access to foo group. You can check /proc/29334/status to see value of 'Groups'.
Ah, secondary groups! I guess the current behaviour is intended then? And if so, is this currently documented somewhere (except in the source code)? Regards, Robert