I think what I'm looking for may be a solution similar to multi hop with SSH and su; but instead of su, I have to use sg. The use case is that I have a user on a server, and the user belongs to multiple groups (main group ID group_A, second group ID group_B) for administrative reasons. SELinux Access Control is used so even if a directory is owned by me, but if my main group ID is not right, I will not be able to create files. In an interactive session, I would do chgrp group_B to switch my main group, and a new shell session will be created. If remotely launching a program, I would do ssh foo.com 'sg group_B /path/to/executable'. How do I achieve these effect in Emacs/Tramp?
I realized that ssh, su, etc. are defined in tramp-methods, which one can customize as follows to add another connection method called sg:
(eval-after-load 'tramp
'(add-to-list
'tramp-methods
'("sg"
(tramp-login-program "sg")
(tramp-login-args (("-") ("%u")))
(tramp-remote-shell "/bin/sh")
(tramp-remote-shell-args ("-c")))))
Then one can do
C-x C-f /ssh:myuser@remotehost|sg:group_B@remotehost:/path/to/file
to connect through multi-hops to remotehost as myuser using ssh and then switch main group from group_A to group_B using sg.