Description
What version of Go are you using (go version)?
go 1.7.1
What operating system and processor architecture are you using (go env)?
GOOS=linux
GOARCH=arm
What did you do?
groups = []uint32{20, 21, 22}
cmd.SysProcAttr.Credential = &syscall.Credential{Groups: groups}
cmd.Run()
Run strace on the process:
strace -e trace=setgroups -e trace=setgroups32 -f {executable}
What did you expect to see?
setgroups32(3, [20, 21, 22])
What did you see instead?
setgroups(3, [20, 0, 21])
Source of problem and possible fix
It appears that syscall/linux_exec.go line 217, the RawSyscall is using SYS_SETGROUPS which on linux/arm is the 16bit GID system call. Since golang always uses 32bit GIDs, this fails. I switched this statement to SYS_SETGROUPS32, and it worked fine on my linux/arm system.
Perhaps this RawSyscall should be replaced with syscall.setgroups so that the correct architecture dependent system call is used.
Please note that this is also true for the SYS_SETUID and SYS_SETGID syscalls just below this line as well. Those statements will operate correctly, unless a UID or GID >= 2^16 is used. In which case it will truncate the integer and use the wrong ID instead of giving an error. However, I do not see an architecture dependent function already implemented to replace those.