From 6cdf74ca98fcd176c27154e608c5661e858f502f Mon Sep 17 00:00:00 2001
From: Klemens Nanni <kn@openbsd.org>
Date: Sat, 16 Nov 2024 15:38:30 +0300
Subject: [PATCH] Revert "Omit privileged setgroups(2) call to test
 set[ug]id(2) to same user"

https://github.com/yggdrasil-network/yggdrasil-go/actions/runs/11787911199/job/32834078977?pr=1203#step:5:19
shows that it works on Linux, so undo the hack.

This reverts commit 12acd710bec64660e6d4c27ec08d2248d8eb26cb.
---
 cmd/yggdrasil/chuser_unix.go      |  8 +++-----
 cmd/yggdrasil/chuser_unix_test.go | 10 +++++++---
 2 files changed, 10 insertions(+), 8 deletions(-)

diff --git a/cmd/yggdrasil/chuser_unix.go b/cmd/yggdrasil/chuser_unix.go
index 02a56d61..fc3e5c2c 100644
--- a/cmd/yggdrasil/chuser_unix.go
+++ b/cmd/yggdrasil/chuser_unix.go
@@ -12,7 +12,7 @@ import (
 	"golang.org/x/sys/unix"
 )
 
-func chuser(input string, skipSetgroupsForTests ...any) error {
+func chuser(input string) error {
 	givenUser, givenGroup, _ := strings.Cut(input, ":")
 
 	var (
@@ -43,10 +43,8 @@ func chuser(input string, skipSetgroupsForTests ...any) error {
 		gid, _ = strconv.Atoi(usr.Gid)
 	}
 
-	if len(skipSetgroupsForTests) == 0 {
-		if err := unix.Setgroups([]int{gid}); err != nil {
-			return fmt.Errorf("setgroups: %d: %v", gid, err)
-		}
+	if err := unix.Setgroups([]int{gid}); err != nil {
+		return fmt.Errorf("setgroups: %d: %v", gid, err)
 	}
 	if err := unix.Setgid(gid); err != nil {
 		return fmt.Errorf("setgid: %d: %v", gid, err)
diff --git a/cmd/yggdrasil/chuser_unix_test.go b/cmd/yggdrasil/chuser_unix_test.go
index 814d988e..ad2e3517 100644
--- a/cmd/yggdrasil/chuser_unix_test.go
+++ b/cmd/yggdrasil/chuser_unix_test.go
@@ -44,14 +44,18 @@ func TestInvalidUserid (t *testing.T) {
 	}
 }
 
-// Change to the current user by username and group ID.
-func TestCurrentUser (t *testing.T) {
+// Change to the current user by ID.
+func TestCurrentUserid (t *testing.T) {
 	usr, err := user.Current()
 	if err != nil {
 		t.Fatal(err)
 	}
 
-	if err = chuser(usr.Username + ":" + usr.Gid, true /* skipSetGroupsForTests */); err != nil {
+	if usr.Uid != "0" {
+		t.Skip("setgroups(2): Only the superuser may set new groups.")
+	}
+
+	if err = chuser(usr.Uid); err != nil {
 		t.Fatal(err)
 	}
 }