I want to temporarily change the identity of a running root process.
I have read the way to do this is to first call setegid and then seteuid.
The problem is that the group somehow is ignored:
<?php
# This is executed as root.
var_dump(posix_setegid(61)); # localaccounts(61)
var_dump(posix_seteuid(502)); # bot(502)
$fp = fopen("/tmp/test", "w+b");
system("ls -la /tmp/test");
unlink("/tmp/test");
Outputs:
$ sudo php -f /tmp/test.php
bool(true)
bool(true)
-rw-r--r-- 1 bot wheel 0 Feb 2 17:49 /tmp/test
But I expect it to output:
-rw-r--r-- 1 bot localaccounts 0 Feb 2 17:49 /tmp/test
Am I missing something?
UPDATE: It works on a Linux machine. Is this some weird OSX quirk?
Mac OS X derives from the BSD branch of Unix, and
According to BSD Unix semantics, the group ownership given to a newly created file is unconditionally inherited from the group ownership of the directory in which it is created.
(From https://en.m.wikipedia.org/wiki/User_identifier#Effective_user_ID - I can't find a better source)
You can always use chgrp to change the group after the file is created.
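The approach from the answer, written out as an added example that is not part of the original posts: switch the effective gid and then the effective uid, create the file, and set its group explicitly on the open descriptor so the result does not depend on whether the platform uses the directory's group. It uses Python's os module, whose setegid and seteuid correspond to the posix_* calls in the question; the function names temporary_identity, create_owned and demo are hypothetical.

```python
import contextlib
import os
import tempfile


@contextlib.contextmanager
def temporary_identity(uid, gid):
    """Set effective gid, then effective uid; restore them in reverse order."""
    old_uid, old_gid = os.geteuid(), os.getegid()
    os.setegid(gid)  # group first, while the effective uid is still privileged
    try:
        os.seteuid(uid)
        try:
            yield
        finally:
            os.seteuid(old_uid)  # regain the old uid before touching the gid
    finally:
        os.setegid(old_gid)


def create_owned(path, gid=None):
    """Create path (must not exist), pin its group, return (uid, gid) on disk."""
    gid = os.getegid() if gid is None else gid
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o644)
    try:
        # BSD/macOS: the new file took the directory's group, not the egid.
        if os.fstat(fd).st_gid != gid:
            os.fchown(fd, -1, gid)  # the chgrp step, on the open descriptor
        st = os.fstat(fd)
    finally:
        os.close(fd)
    return st.st_uid, st.st_gid


def demo(uid, gid):
    """Create a file under the temporary identity; return its (uid, gid)."""
    # The directory is created after the switch so the target uid can write to it.
    with temporary_identity(uid, gid), tempfile.TemporaryDirectory() as d:
        return create_owned(os.path.join(d, "test"))


if __name__ == "__main__":
    # Constructed sample call: the current ids, so this runs without root.
    # As root, pass the ids from the question instead: demo(502, 61).
    print(demo(os.geteuid(), os.getegid()))
```

Checking the ownership with fstat on the descriptor, rather than by path afterwards, ties the check and the group change to the file that was just created.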