On Thu, 27 Feb 2020, Ondrej Zajicek wrote: > You need group foo to access /var/lib/foo/, that is part of secondary > groups for bird user (as reported by 'id') and these secondary groups are > assigned e.g. when 'su - bird' is used. > > But when you run 'bird -u bird -g bird', it only set UID (-u) and GID > (-g), not secondary groups, so bird daemon does not have access to foo > group. You can check /proc/29334/status to see value of 'Groups'.
Ah, secondary groups! I guess the current behaviour is intended then? And if so, is this currently documented somewhere (except in the source code)? Regards, Robert
