How to get all the groups of a user with "getgroups"

Question

I'm running this program in root and I have the following result with the command id mike:

uid=1001(mike) gid=1002(mike) groups=1002(mike),1005(mynewgroup)

I'm using the following code to get the groups:

setgid(1002)
setuid(1001)

if ((count = getgroups(NGROUPS_MAX, groupIDs)) == -1)
    perror("getgroups error");
else
    for (i = 0; i < count; i++)
        printf("Group ID %d = %d\n", i + 1, (int) groupIDs[i]);

The result I need is to list group 1002 and 1005. its just giving me

Group ID 1 = 1002

How do I get all the groups of a user with getgroups?

Answer 1

It's unclear what you are doing here. Is your process root, then you setgid + setuid and expect getgroups to give you a list similar to what id provided?

First off, getgroups deals with credentials of the current process which must not be confused with credentials configured in /etc/group or other places. E.g. when the user in question logs in whatever deals with it has to explicitly set all the groups by hand, something you did not do. In particular that program does setuid and setgid, but also does other stuff to properly set credentials.

So you need to run a func which provides groups configured for given user. You already know a tool which does the job - it is id. Since this is opensource, you can just check what it does.

In this particular case the keyword you are looking for is getgrouplist. Note there is 0 use for setuid/setgid to find out what the group list is.