getgroups.2: Simplifications; Be clearer on programs to be modified

In the STANDARDS section, stop mentioning behavior that is not
prescribed by POSIX and make sure to specify which alternative we
implement (as POSIX allows to return or not the effective group ID).

Say more clearly that programs treating specially the first slot of the
returned array must be modified.

Consistently use "group ID" instead of "GID".

These changes are going to be MFCed into stable/14 as part of MFCing
commit 4be38acc82 ("getgroups.2: Clarify, mention ascending order, add
SECURITY CONSIDERATIONS"), so the current commit will be MFCed to
stable/15 only.

MFC after:      1 hour
MFC to:         stable/15
Sponsored by:   The FreeBSD Foundation
This commit is contained in:
Olivier Certner
2025-10-10 17:49:47 +02:00
parent a5b19a0cb9
commit c363dcbe75
+11 -14
View File
@@ -33,7 +33,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
.Dd September 17, 2025
.Dd October 10, 2025
.Dt GETGROUPS 2
.Os
.Sh NAME
@@ -107,10 +107,8 @@ array.
The
.Fn getgroups
system call conforms to
.St -p1003.1-2008
with the additional properties that supplementary groups are reported in
strictly ascending order and the returned size coincides with the cardinal of
the set.
.St -p1003.1-2008 ,
not reporting the effective group ID.
.Sh HISTORY
The
.Fn getgroups
@@ -121,8 +119,8 @@ Since
.Fx 14.3 ,
the
.Fn getgroups
system call has treated the supplementary groups as a set, reporting them in
strictly ascending order and returning the cardinal of the set.
system call has been reporting the supplementary groups in strictly ascending
order.
.Pp
Before
.Fx 15.0 ,
@@ -138,15 +136,14 @@ system call gets the supplementary groups set in the
array.
In particular, as evoked in
.Sx HISTORY ,
it does not anymore retrieve the effective GID in the first slot of
it does not anymore retrieve the effective group ID in the first slot of
.Fa gidset .
Programs should not make any assumption about which group is placed in the first
slot of
.Fa gidset
other than it being the supplementary group with smallest GID.
Programs that process this slot in a specific way must be modified to obtain the
effective group ID through other means, such as a call to
.Xr getegid 2 .
.Pp
The effective GID is present in the supplementary groups set if and only if it
was explicitly set as a supplementary group.
The effective group ID is present in the supplementary groups set if and only if
it was explicitly set as a supplementary group.
The function
.Fn initgroups
enforces that, while the