use initgroups in plat unix

Signed-off-by: Andy Green <andy.green@linaro.org>

diff --git a/lib/lws-plat-unix.c b/lib/lws-plat-unix.c
index acd11c3..9d10acf 100644 (file)
--- a/lib/lws-plat-unix.c
+++ b/lib/lws-plat-unix.c
@@ -1,5 +1,8 @@
 #include "private-libwebsockets.h"
 
+#include <pwd.h>
+#include <grp.h>
+
 /*
  * included from libwebsockets.c for unix builds
  */
@@ -250,12 +253,22 @@ lws_plat_set_socket_options(struct libwebsocket_context *context, int fd)
 LWS_VISIBLE void
 lws_plat_drop_app_privileges(struct lws_context_creation_info *info)
 {
+       if (info->uid != -1) {
+               struct passwd *p = getpwuid(info->uid);
+
+               if (p) {
+                       initgroups(p->pw_name, info->gid);
+                       if (setuid(info->uid))
+                               lwsl_warn("setuid: %s\n", strerror(LWS_ERRNO));
+                       else
+                               lwsl_notice(" Set privs to user '%s'\n", p->pw_name);
+               } else
+                       lwsl_warn("getpwuid: unable to find uid %d", info->uid);
+       }
        if (info->gid != -1)
                if (setgid(info->gid))
                        lwsl_warn("setgid: %s\n", strerror(LWS_ERRNO));
-       if (info->uid != -1)
-               if (setuid(info->uid))
-                       lwsl_warn("setuid: %s\n", strerror(LWS_ERRNO));
+
 }
 
 LWS_VISIBLE int