[OpenAFS-devel] interesting issue with setgroups wrapper...

[chas williams]

>I just figured that this behavior is different than all the other
>initgroups/setgroups behaviors. They both maintain the pag for all cases
>other than the empty-group-list case. If it passes a list of groups -
>i.e. if 'nobody' had some aux groups, it would maintain the pag. 

the patched syscall does try to maintain the pag.  however, if you
issue a setgroup that is NGROUP_MAX, then the pag information is lost.
i am not familiar with the samba code, but it probably doesnt expect
that you need to leave 2 free slots on the end of the group list.
it possibly builds a 'group context' (of size NGROUP_MAX) for you and
your anonymous self.  then while swapping between these contexts your
pag is 'lost' since there isnt any space at the end of the group array.

you might try checking the size of the group list passed to setgroups
in smbd.