id,groups: with no user name, print only real and/or effective IDs,

... i.e., don't use the getpw* functions.

Before this change, running groups or id with no user name argument
would include a group name or ID from /etc/passwd.  Thus, under unusual
circumstances (default group is changed, but has not taken effect for a
given session), those programs could print a name or ID that is neither
real nor effective.

To demonstrate, run this:

    echo 'for i in 1 2; do id -G; sleep 1.5; done' \
      |su -s /bin/sh ftp - &
    sleep 1; perl -pi -e 's/^(ftp:x:\d+):(\d+)/$1:9876/' /etc/passwd

Those id -G commands printed the following:

    50
    50 9876

With this change, they print this:

    50
    50

Similarly, running those programs set-GID could make them
print one ID too many.

* src/group-list.c (print_group_list): When username is NULL, pass
egid, not getpwuid(ruid)->pw_gid), to xgetgroups, per the API
requirements of xgetgroups callee, mgetgroups.
When not using the password database, don't call getpwuid.
* NEWS (Bug fixes): Mention it.
* tests/misc/id-setgid: New file.
* tests/Makefile.am (TESTS): Add it.
(root_tests): It's a root-only test, so add it here, too.
Originally reported by Brynnen Owen as http://bugs.gnu.org/7320.
Raised again by Marc Mengel in http://bugzilla.redhat.com/816708.

1 files changed, 9 insertions, 0 deletions

diff --git a/NEWS b/NEWS
index ef4e508ae..b7bfb8cf3 100644
--- a/NEWS
+++ b/NEWS
@@ -2,6 +2,15 @@ GNU coreutils NEWS                                    -*- outline -*-
 
 * Noteworthy changes in release ?.? (????-??-??) [?]
 
+** Bug fixes
+
+  id and groups, when invoked with no user name argument, would print
+  the default group ID listed in the password database, and sometimes
+  that ID would be neither real nor effective.  For example, when run
+  set-GID, or in a session for which the default group has just been
+  changed, the new group ID would be listed, even though it is not
+  yet effective.
+
 ** New features
 
   fmt now accepts the --goal=WIDTH (-g) option.