gitsrht-dispatch: add support for supplementary groups

gitsrht-dispatch/main.go

@@ -17,6 +17,7 @@ type Dispatcher struct {
 	cmd string
 	uid int
 	gid int
+	gids []int
 }
 
 func main() {
@@ -70,11 +71,20 @@ AuthorizedKeysUser=root`, os.Args[0])
 		if err != nil {
 			logger.Fatalf("Error looking up group %s: %v", spec[1], err)
 		}
+		groups, err := user.GroupIds()
+		if err != nil {
+			logger.Fatalf("Error looking up supplementary groups of user %s: %v", spec[0], err)
+		}
+		gids := make([]int, len(groups))
+		for i, grp := range groups {
+			sgid, _ := strconv.Atoi(grp)
+			gids[i] = sgid
+		}
 		uid, _ := strconv.Atoi(user.Uid)
 		gid, _ := strconv.Atoi(group.Gid)
-		dispatchers[uid] = Dispatcher{cmd, uid, gid}
+		dispatchers[uid] = Dispatcher{cmd, uid, gid, gids}
-		logger.Printf("Registered dispatcher for %s(%d):%s(%d): %s",
+		logger.Printf("Registered dispatcher for %s(%d):%s(%d):(%s): %s",
-			spec[0], uid, spec[1], gid, cmd)
+			spec[0], uid, spec[1], gid, strings.Join(groups, ","), cmd)
 	}
 
 	var user *osuser.User
@@ -93,6 +103,7 @@ AuthorizedKeysUser=root`, os.Args[0])
 
 	if dispatcher, ok := dispatchers[uid]; ok {
 		logger.Printf("Dispatching to %s", dispatcher.cmd)
+		syscall.Setgroups(dispatcher.gids)
 		syscall.Setgid(dispatcher.gid)
 		syscall.Setuid(dispatcher.uid)
 		if err := syscall.Exec(dispatcher.cmd, append([]string{