GNU/Hurd: handle platform-specific behaviour of setgroups()

diff --git a/src/OS/os.h-GNU b/src/OS/os.h-GNU
index 44993163d319da42686679b02a7be987a2741ff2..1de2e3e849dbba3b457145d301351b0db40274d7 100644 (file)
--- a/src/OS/os.h-GNU
+++ b/src/OS/os.h-GNU
@@ -20,4 +20,8 @@ typedef struct flock flock_t;
 /* default is non-const */
 #define ICONV_ARG2_TYPE const char **
 
+/* setgroups(0, NULL) succeeds, and drops the gid group
+as well as any supplementary groups*/
+#define OS_SETGROUPS_ZERO_DROPS_ALL
+
 /* End */

diff --git a/src/src/exim.c b/src/src/exim.c
index 477b82aa4644ad9b5c95e835d46b71c490c11802..f0feaf5bd43eb8575113b21c177f63ae29498abe 100644 (file)
--- a/src/src/exim.c
+++ b/src/src/exim.c
@@ -3642,7 +3642,11 @@ since you have to be root to run it, even if throwing away groups. Not being
 root here happens only in some unusual configurations. We just ignore the
 error. */
 
-if (setgroups(0, NULL) != 0 && setgroups(1, group_list) != 0 && !unprivileged)
+if (
+#ifndef OS_SETGROUPS_ZERO_DROPS_ALL
+   setgroups(0, NULL) != 0 &&
+#endif
+   setgroups(1, group_list) != 0 && !unprivileged)
   exim_fail("exim: setgroups() failed: %s\n", strerror(errno));
 
 /* If the configuration file name has been altered by an argument on the
@@ -4289,8 +4293,8 @@ else
     if (!(unprivileged || removed_privilege))
       exim_fail("exim: changing group failed: %s\n", strerror(errno));
     else
-      DEBUG(D_any) debug_printf("changing group to %ld failed: %s\n",
-          (long int)exim_gid, strerror(errno));
+      DEBUG(D_any) debug_printf("changing group to %ld failed: %d: %s\n",
+          (long int)exim_gid, errno, strerror(errno));
   }
 
 /* Handle a request to scan a file for malware */